8527 moderate openSUSE Leap 42.3 Update This update for libraw fixes the following issues: The following security vulnerabilities were addressed: - CVE-2018-5813: Fixed an error within the "parse_minolta()" function (dcraw/dcraw.c) that could be exploited to trigger an infinite loop via a specially crafted file. This could be exploited to cause a DoS.(boo#1103200). - CVE-2018-5815: Fixed an integer overflow in the internal/dcraw_common.cpp:parse_qt() function, that could be exploited to cause an infinite loop via a specially crafted Apple QuickTime file. (boo#1103206) - CVE-2018-5810: Fixed an error within the rollei_load_raw() function (internal/dcraw_common.cpp) that could be exploited to cause a heap-based buffer overflow and subsequently cause a crash. (boo#1103353) - CVE-2018-5811: Fixed an error within the nikon_coolscan_load_raw() function (internal/dcraw_common.cpp) that could be exploited to cause an out-of-bounds read memory access and subsequently cause a crash. (boo#1103359) - CVE-2018-5812: Fixed another error within the nikon_coolscan_load_raw() function (internal/dcraw_common.cpp) that could be exploited to trigger a NULL pointer dereference. (boo#1103360) - CVE-2018-5807: Fixed an error within the samsung_load_raw() function (internal/dcraw_common.cpp) that could be exploited to cause an out-of-bounds read memory access and subsequently cause a crash. (boo#1103361) libraw-0.17.1-23.1.src.rpm libraw-debugsource-0.17.1-23.1.i586.rpm libraw-devel-0.17.1-23.1.i586.rpm libraw-devel-static-0.17.1-23.1.i586.rpm libraw-tools-0.17.1-23.1.i586.rpm libraw-tools-debuginfo-0.17.1-23.1.i586.rpm libraw15-0.17.1-23.1.i586.rpm libraw15-debuginfo-0.17.1-23.1.i586.rpm libraw-debugsource-0.17.1-23.1.x86_64.rpm libraw-devel-0.17.1-23.1.x86_64.rpm libraw-devel-static-0.17.1-23.1.x86_64.rpm libraw-tools-0.17.1-23.1.x86_64.rpm libraw-tools-debuginfo-0.17.1-23.1.x86_64.rpm libraw15-0.17.1-23.1.x86_64.rpm libraw15-debuginfo-0.17.1-23.1.x86_64.rpm