OESA-2023-1280

See a problem?
Please try reporting it to the source first.
Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1280
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2023-1280.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2023-1280
Upstream
Published
2023-05-19T11:05:15Z
Modified
2025-08-12T05:17:45.886594Z
Summary
LibRaw security update
Details

LibRaw is a library for reading RAW files from digital photo cameras (CRW/CR2, NEF, RAF, etc, virtually all RAW formats are supported).It pays special attention to correct retrieval of data required for subsequent RAW conversion.The library is intended for embedding in RAW converters, data analyzers, and other programs using RAW files as the initial data.

Security Fix(es):

A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash.(CVE-2023-1729)

Database specific 
{
    "severity": "Low"
}
References

Affected packages

openEuler:20.03-LTS-SP1 / LibRaw

Package

Name
LibRaw
Purl
pkg:rpm/openEuler/LibRaw&distro=openEuler-20.03-LTS-SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.20.2-5.oe1

Ecosystem specific 

{
    "aarch64": [
        "LibRaw-debugsource-0.20.2-5.oe1.aarch64.rpm",
        "LibRaw-0.20.2-5.oe1.aarch64.rpm",
        "LibRaw-debuginfo-0.20.2-5.oe1.aarch64.rpm",
        "LibRaw-devel-0.20.2-5.oe1.aarch64.rpm"
    ],
    "x86_64": [
        "LibRaw-0.20.2-5.oe1.x86_64.rpm",
        "LibRaw-devel-0.20.2-5.oe1.x86_64.rpm",
        "LibRaw-debugsource-0.20.2-5.oe1.x86_64.rpm",
        "LibRaw-debuginfo-0.20.2-5.oe1.x86_64.rpm"
    ],
    "src": [
        "LibRaw-0.20.2-5.oe1.src.rpm"
    ]
}

openEuler:20.03-LTS-SP3 / LibRaw

Package

Name
LibRaw
Purl
pkg:rpm/openEuler/LibRaw&distro=openEuler-20.03-LTS-SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.20.2-5.oe1

Ecosystem specific 

{
    "aarch64": [
        "LibRaw-devel-0.20.2-5.oe1.aarch64.rpm",
        "LibRaw-debugsource-0.20.2-5.oe1.aarch64.rpm",
        "LibRaw-0.20.2-5.oe1.aarch64.rpm",
        "LibRaw-debuginfo-0.20.2-5.oe1.aarch64.rpm"
    ],
    "x86_64": [
        "LibRaw-debugsource-0.20.2-5.oe1.x86_64.rpm",
        "LibRaw-devel-0.20.2-5.oe1.x86_64.rpm",
        "LibRaw-debuginfo-0.20.2-5.oe1.x86_64.rpm",
        "LibRaw-0.20.2-5.oe1.x86_64.rpm"
    ],
    "src": [
        "LibRaw-0.20.2-5.oe1.src.rpm"
    ]
}

openEuler:22.03-LTS / LibRaw

Package

Name
LibRaw
Purl
pkg:rpm/openEuler/LibRaw&distro=openEuler-22.03-LTS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.20.2-6.oe2203sp1

Ecosystem specific 

{
    "aarch64": [
        "LibRaw-debuginfo-0.20.2-6.oe2203.aarch64.rpm",
        "LibRaw-0.20.2-6.oe2203.aarch64.rpm",
        "LibRaw-devel-0.20.2-6.oe2203.aarch64.rpm",
        "LibRaw-debugsource-0.20.2-6.oe2203.aarch64.rpm",
        "LibRaw-0.20.2-6.oe2203sp1.aarch64.rpm",
        "LibRaw-debuginfo-0.20.2-6.oe2203sp1.aarch64.rpm",
        "LibRaw-devel-0.20.2-6.oe2203sp1.aarch64.rpm",
        "LibRaw-debugsource-0.20.2-6.oe2203sp1.aarch64.rpm"
    ],
    "x86_64": [
        "LibRaw-0.20.2-6.oe2203.x86_64.rpm",
        "LibRaw-devel-0.20.2-6.oe2203.x86_64.rpm",
        "LibRaw-debuginfo-0.20.2-6.oe2203.x86_64.rpm",
        "LibRaw-debugsource-0.20.2-6.oe2203.x86_64.rpm",
        "LibRaw-debuginfo-0.20.2-6.oe2203sp1.x86_64.rpm",
        "LibRaw-devel-0.20.2-6.oe2203sp1.x86_64.rpm",
        "LibRaw-debugsource-0.20.2-6.oe2203sp1.x86_64.rpm",
        "LibRaw-0.20.2-6.oe2203sp1.x86_64.rpm"
    ],
    "src": [
        "LibRaw-0.20.2-6.oe2203.src.rpm",
        "LibRaw-0.20.2-6.oe2203sp1.src.rpm"
    ]
}

openEuler:22.03-LTS-SP1 / LibRaw

Package

Name
LibRaw
Purl
pkg:rpm/openEuler/LibRaw&distro=openEuler-22.03-LTS-SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.20.2-6.oe2203sp1

Ecosystem specific 

{
    "aarch64": [
        "LibRaw-0.20.2-6.oe2203sp1.aarch64.rpm",
        "LibRaw-debuginfo-0.20.2-6.oe2203sp1.aarch64.rpm",
        "LibRaw-devel-0.20.2-6.oe2203sp1.aarch64.rpm",
        "LibRaw-debugsource-0.20.2-6.oe2203sp1.aarch64.rpm"
    ],
    "x86_64": [
        "LibRaw-debuginfo-0.20.2-6.oe2203sp1.x86_64.rpm",
        "LibRaw-devel-0.20.2-6.oe2203sp1.x86_64.rpm",
        "LibRaw-debugsource-0.20.2-6.oe2203sp1.x86_64.rpm",
        "LibRaw-0.20.2-6.oe2203sp1.x86_64.rpm"
    ],
    "src": [
        "LibRaw-0.20.2-6.oe2203sp1.src.rpm"
    ]
}