{"id":"MGASA-2017-0223","summary":"Updated libraw packages fix security vulnerabilities","details":"A memory corruption in parse_tiff_ifd() function (CVE-2017-6886).\n\nA memory corruption via e.g. a specially crafted KDC file\nparse_tiff_ifd() (CVE-2017-6887).\n\nAn integer overflow error within the \"foveon_load_camf()\" function\n(CVE-2017-6889).\n\nA boundary error within the \"foveon_load_camf()\" function\n(CVE-2017-6890).\n","modified":"2026-02-04T03:02:48.883550Z","published":"2017-07-28T18:12:15Z","related":["CVE-2017-6886","CVE-2017-6887","CVE-2017-6889","CVE-2017-6890"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2017-0223.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=21004"},{"type":"REPORT","url":"https://lists.opensuse.org/opensuse-updates/2017-05/msg00111.html"}],"affected":[{"package":{"name":"libraw","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/libraw?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.16.2-1.2.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0223.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}