A buffer overflow in DCRaw might allow remote attackers to cause a Denial of Service condition.
|Package||media-gfx/dcraw on all architectures|
|Affected versions||< 9.26.0|
|Unaffected versions||>= 9.26.0|
Command-line decoder for raw digital photos.
An integer overflow was discovered in the ljpeg_start function in DCRaw.
Remote attackers, by enticing a user to open a specially crafted image, could cause a Denial of Service condition.
There is no known workaround at this time.
All DCRaw users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-gfx/dcraw-9.26.0"
January 23, 2017
January 23, 2017: 1