Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 4 Jun 2013 15:51:14 +0200
From: Raphael Geissert <>
Subject: Re: CVE request: libraw: multiple issues

Hi again,

On 29 May 2013 20:00, Kurt Seifried <> wrote:
> On 05/29/2013 03:18 AM, Raphael Geissert wrote:
>> On 28 May 2013 19:58, Kurt Seifried <> wrote:
>>> On 05/28/2013 02:43 AM, Raphael Geissert wrote:
>>>> So there's a double-free (fixed in 0.15.2[3])
> Please use CVE-2013-2126 for this issue.

FWIW, I've noticed that libkdcraw and darktable embed copies of libraw
that are vulnerable to the double free.

Raphael Geissert - Debian Developer -

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.