SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libraw23-0.21.3-1.0.2.1.sr20250101.i586.rpm :

* Fri Jan 31 2025 ecsos - Update to 0.21.3:
* new compile-time define LIBRAW_CALLOC_RAWSTORE If defined: calloc() will be used for all big buffer allocations to prevent uninitialized heap data leak
* Small allocations: calloc() instead of malloc() to prevent uninitialized heap data leak
* Support for 4-component JPEG-compressed DNG files
* CR3-Qstep table: avoid wrong 64-bit code generation
* Fixed several bugs related to specially-crafted files processing (thanks to OSS-Fuzz project)
* Mon Dec 02 2024 Bernhard Wiedemann - Limit fdupes to %_libdir
* Thu Dec 28 2023 Dirk Müller - update to 0.21.2:
* New compile-defined limit LIBRAW_MAX_PROFILE_SIZE_MB: limits allocation/read size for embedded color profile Embedded color profile allocation/read size: limited by input file size.
* Multiple fixes (mostly inspired by oss-fuzz) to improve library stability and/or input checks.
* raw-identify: use fallback if PATH_MAX not available
* Disabled color conversion for Canon 16-bit thumbnails
* docs/changelog: explained the case when no thumbnail is found in specific file
* swapXX renamed to libraw_swapXX to avoid name conflict
* better striped thumbnails handling- drop libraw-CVE-2023-1729.patch (upstream)
* Thu Sep 14 2023 pgajdosAATTsuse.com- security update- added patches fix CVE-2020-22628 [bsc#1215308], stretch() function in libraw/src/postprocessing/aspect_ratio.cpp + libraw-CVE-2020-22628.patch
* Tue May 02 2023 pgajdosAATTsuse.com- security update- added patches fix CVE-2023-1729 [bsc#1210720], a heap-buffer-overflow in raw2image_ex() + libraw-CVE-2023-1729.patch
* Wed Jan 18 2023 Dirk Müller - update to 0.21.1:
* fixed typo in panasonic metadata parser
* Multiple fixes inspired by oss-fuzz project
* Phase One/Leaf IIQ-S v2 support
* Canon CR3 filmrolls
* Canon CRM (movie) files
* Tiled bit-packed (and 16-bit unpacked) DNGs
* (non-standard) Deflate-compressed integer DNG files are allowed
* Canon EOS R3, R7 and R10
* Fujifilm X-H2S, X-T30 II
* OM System OM-1
* Leica M11
* Sony A7-IV (ILCE-7M4)
* DJI Mavic 3
* Nikon Z9: standard compression formats only
* Wed Jan 04 2023 Paolo Stivanin - Update to 0.21.0:
* Camera format support: + Phase One/Leaf IIQ-S v2 support + Canon CR3 filmrolls/RawBurst + Canon CRM (movie) files + Tiled bit-packed (and 16-bit unpacked) DNGs + (non-standard) Deflate-compressed integer DNG files are allowed
* Camera support: + Canon EOS R3, R7 and R10 + Fujifilm X-H2S, X-T30 II + OM System OM-1 + Leica M11 + Sony A7-IV (ILCE-7M4) + DJI Mavic 3 + Nikon Z9: standard compression formats only
* Multiple (resultion) thumbnails support
* Misc: + Nikon makernotes: read NEFCompression tag for HE/HE
* files + Nikon orientation tag: more fixed offsets for known cameras + Adobe DNG SDK 1.6 support (meaning, just an additional patch for GPR SDK)
* Bugs fixed: + Fixed possible out-of-buffer read in Nikon orientation tag parser + Out-of-range read-only array access in postprocessing if output_color is set to 0 (raw color) + Minolta Z2 was not recognized correctly on 32-bit systems + Fixed possible buffer overflow in Kodak C330 decoder + dcraw_process(): check for buffer allocation results to avoid NULL deref + Multiple bugfixes inspired by oss-fuzz project
* Mon Sep 27 2021 pgajdosAATTsuse.com- previous version updates fixed also:
* CVE-2018-20337,CVE-2018-20363,CVE-2018-20364,CVE-2018-20365, CVE-2018-5815,CVE-2018-5816,CVE-2018-5817,CVE-2018-5818, CVE-2018-5819,CVE-2021-32142 (bsc#1097975,bsc#1103206,bsc#1120498,bsc#1120499,bsc#1120500, bsc#1120515,bsc#1120516,bsc#1120517,bsc#1120519,bsc#1208470)
* Wed Apr 21 2021 Wolfgang Frisch - Hardening: link as PIE (bsc#1184123).
* Fri Feb 19 2021 pgajdosAATTsuse.com- baselibs required by ImageMagick- added sources + baselibs.conf
  
ICM