Bug#788242: wheezy-pu: package rawtherapee/4.0.9-4

To: 788242@bugs.debian.org
Cc: Philip Rinn <rinni@inventati.org>
Subject: Bug#788242: wheezy-pu: package rawtherapee/4.0.9-4
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Fri, 12 Jun 2015 08:28:21 +0100
Message-id: <[🔎] a9fcbf946d9a23364e04b768f91f8fa5@mail.adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 788242@bugs.debian.org
In-reply-to: <[🔎] 1433873787.32653.3.camel@adam-barratt.org.uk>
References: <[🔎] 20150609175334.6751.25222.reportbug@debian.samsung.router> <[🔎] 1433873787.32653.3.camel@adam-barratt.org.uk>

Control: tags -1 + pending

On 2015-06-09 19:16, Adam D. Barratt wrote:

Control: tags -1 + confirmed

On Tue, 2015-06-09 at 19:53 +0200, Philip Rinn wrote:

rawtherapee is affected by the security issue CVE-2015-3885. It'smarked no-dsa
that's why I want to coordinate the update with you.

I attached the debdiff.


+rawtherapee (4.0.9-4+deb7u1) wheezy-security; urgency=high
+
+  * Add patch debian/patches/04-fix_CVE-2015-3885.patch:
+    - Fix dcraw imput sanitization errors (CVE-2015-3885)

As with the jessie update, please drop "-security" from thedistribution

and go ahead.


Uploaded and flagged for acceptance.

Regards,

Adam

Reply to:

References:
- Bug#788242: wheezy-pu: package rawtherapee/4.0.9-4
  - From: Philip Rinn <rinni@inventati.org>
- Bug#788242: wheezy-pu: package rawtherapee/4.0.9-4
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Prev by Date: Bug#756867: transition: gdal
Next by Date: Processed: Re: Bug#788242: wheezy-pu: package rawtherapee/4.0.9-4
Previous by thread: Bug#788242: wheezy-pu: package rawtherapee/4.0.9-4
Next by thread: Processed: Re: Bug#788242: wheezy-pu: package rawtherapee/4.0.9-4
Index(es):
- Date
- Thread