OESA-2024-1449
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1449
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2024-1449.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/OESA-2024-1449
- Upstream
- Published
- 2024-04-12T11:07:44Z
- Modified
- 2025-08-12T05:35:08.443644Z
- Summary
- LibRaw security update
- Details
-
LibRaw is a library for reading RAW files from digital photo cameras (CRW/CR2, NEF, RAF, etc, virtually all RAW formats are supported).It pays special attention to correct retrieval of data required for subsequent RAW conversion.The library is intended for embedding in RAW converters, data analyzers, and other programs using RAW files as the initial data.
Security Fix(es):
Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRawbufferdatastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp.(CVE-2021-32142)
- Database specific
{ "severity": "High" }- References
Affected packages
openEuler:20.03-LTS-SP4 / LibRaw
Package
- Name
- LibRaw
- Purl
- pkg:rpm/openEuler/LibRaw&distro=openEuler-20.03-LTS-SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed0.20.2-6.oe2003sp4
Ecosystem specific
{
"aarch64": [
"LibRaw-devel-0.20.2-6.oe2003sp4.aarch64.rpm",
"LibRaw-debugsource-0.20.2-6.oe2003sp4.aarch64.rpm",
"LibRaw-debuginfo-0.20.2-6.oe2003sp4.aarch64.rpm",
"LibRaw-0.20.2-6.oe2003sp4.aarch64.rpm"
],
"x86_64": [
"LibRaw-debugsource-0.20.2-6.oe2003sp4.x86_64.rpm",
"LibRaw-0.20.2-6.oe2003sp4.x86_64.rpm",
"LibRaw-debuginfo-0.20.2-6.oe2003sp4.x86_64.rpm",
"LibRaw-devel-0.20.2-6.oe2003sp4.x86_64.rpm"
],
"src": [
"LibRaw-0.20.2-6.oe2003sp4.src.rpm"
]
}