CVE-2020-15365

LibRaw before 0.20-Beta3 has an out-of-bounds write in parse_exif() in metadata\exif_gps.cpp via an unrecognized AtomName and a zero value of tiff_nifds.

packagechannelchannel versionpkg versionstatus
libraw
nixos-unstable
2020-09-26 18:00:31 UTC (daaa0e)0.20.0vulnerable
2020-09-22 06:20:19 UTC (117984)0.20.0vulnerable
2020-09-20 14:15:15 UTC (2a35f6)0.20.0vulnerable
2020-09-17 11:50:39 UTC (441a7d)0.20.0vulnerable
2020-09-13 20:25:41 UTC (e0759a)0.20.0vulnerable
2020-09-09 05:00:30 UTC (615251)0.20.0vulnerable
2020-09-07 23:05:17 UTC (a31736)0.20.0vulnerable