| Errata ID | 350 |
|---|---|
| Date | 2018-05-08 |
| Source package | libraw |
| Fixed in version | 0.16.0-9+deb8u3 |
| Description | This update addresses the following issues: * An error within the "parse_tiff_ifd()" function can be exploited to corrupt memory. (CVE-2017-6886) * A boundary error within the "parse_tiff_ifd()" function can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing multiple sequences of 0x100 and 0x14A TAGs. (CVE-2017-6887) |
| Additional notes | |
| CVE ID | CVE-2017-6886 CVE-2017-6887 |
| UCS Bug number | #45350 |
