On Sun, 03 Apr 2016 10:54:08 -0400, Hubert Chathi <uho...@debian.org> said:
> On Mon, 21 Mar 2016 12:06:38 +0100, Moritz Muehlenhoff > <j...@debian.org> said: >> CVE-2015-8366 in dcraw also affects ufraw. The dcraw upstream fix is >> https://github.com/LibRaw/LibRaw/commit/89d065424f09b788f443734d44857289489ca9e2 > It looks like ufraw (and probably all other dcraw-derived packages) is > also affected by CVE-2015-8367 > https://github.com/LibRaw/LibRaw/commit/490ef94d1796f730180039e80997efe5c58db780 > which I'll fix as well in the next ufraw upload. Never mind, ufraw (and dcraw) is not affected by that CVE, since it is only triggered by exceptions from libraw, which ufraw does not use. -- Hubert Chathi <uho...@debian.org> -- Jabber: hub...@uhoreg.ca PGP/GnuPG key: 4096R/113A1368 https://www.uhoreg.ca/ Fingerprint: F24C F749 6C73 DDB8 DCB8 72DE B2DE 88D3 113A 1368
