OESA-2024-1450

Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1450
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2024-1450.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2024-1450
Upstream
Published
2024-04-12T11:07:44Z
Modified
2025-08-12T05:35:08.965263Z
Summary
LibRaw security update
Details

LibRaw is a library for reading RAW files from digital photo cameras (CRW/CR2, NEF, RAF, etc, virtually all RAW formats are supported).It pays special attention to correct retrieval of data required for subsequent RAW conversion.The library is intended for embedding in RAW converters, data analyzers, and other programs using RAW files as the initial data.

Security Fix(es):

Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRawbufferdatastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp.(CVE-2021-32142)

Database specific
{
    "severity": "High"
}
References

Affected packages

openEuler:22.03-LTS / LibRaw

Package

Name
LibRaw
Purl
pkg:rpm/openEuler/LibRaw&distro=openEuler-22.03-LTS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.20.2-7.oe2203

Ecosystem specific

{
    "aarch64": [
        "LibRaw-debugsource-0.20.2-7.oe2203.aarch64.rpm",
        "LibRaw-devel-0.20.2-7.oe2203.aarch64.rpm",
        "LibRaw-debuginfo-0.20.2-7.oe2203.aarch64.rpm",
        "LibRaw-0.20.2-7.oe2203.aarch64.rpm"
    ],
    "x86_64": [
        "LibRaw-debuginfo-0.20.2-7.oe2203.x86_64.rpm",
        "LibRaw-devel-0.20.2-7.oe2203.x86_64.rpm",
        "LibRaw-debugsource-0.20.2-7.oe2203.x86_64.rpm",
        "LibRaw-0.20.2-7.oe2203.x86_64.rpm"
    ],
    "src": [
        "LibRaw-0.20.2-7.oe2203.src.rpm"
    ]
}