libraw (0.21.2-2.1ubuntu0.24.04.1) noble-security; urgency=medium
* SECURITY UPDATE: Out of bounds read
- debian/patches/CVE-2025-43961-CVE-2025-43962.patch: Check
size of head array values
- CVE-2025-43961
- CVE-2025-43962
- debian/patches/CVE-2025-43963.patch: check split_col/split_row
values in phase_one_correct
- CVE-2025-43963
* SECURITY UPDATE: Malformed input
- debian/patches/CVE-2025-43964.patch: additional checks in PhaseOne
correction tag 0x412 processing
- CVE-2025-43964
-- Bruce Cable <bruce.cable@canonical.com> Mon, 28 Apr 2025 14:02:15 +1000
libraw (0.21.2-2.1build1) noble; urgency=medium
* No-change rebuild for CVE-2024-3094
-- Steve Langasek <steve.langasek@ubuntu.com> Sun, 31 Mar 2024 02:12:59 +0000
libraw (0.21.2-2.1) unstable; urgency=medium
* Non-maintainer upload.
* Rename libraries for 64-bit time_t transition. Closes: #1062601
-- Benjamin Drung <bdrung@debian.org> Wed, 28 Feb 2024 19:43:42 +0000
libraw (0.21.2-2) unstable; urgency=medium
[ Debian Janitor ]
* Set upstream metadata fields: Bug-Database, Bug-Submit, Repository-Browse.
[ Matthias Klose ]
* Mark symbols as optional not seen when building with lto. (Closes:
#1015516)
[ Heather Ellsworth ]
* Open merge request against gitlab on salsa.debian.org
[ Olivier Tilloy ]
* Mark C++ template instantiations optional
(This was already done in Debian due to gcc-13 symbols changes
[ Gianfranco Costamagna ]
* Team upload
* Sort symbols
* Drop duplicated symbols
-- Gianfranco Costamagna <locutusofborg@debian.org> Mon, 15 Jan 2024 10:04:22 +0100
libraw (0.21.2-1) unstable; urgency=medium
* New upstream release
* debian/patches/: patchset updated
- Old patches dropped (merged upstream)
- 0001-CR3-Qstep-table-avoid-wrong-64-bit-code-generation.patch added
(Closes: #1060257)
-- Matteo F. Vescovi <mfv@debian.org> Sun, 14 Jan 2024 18:24:49 +0100
libraw (0.21.1-7) unstable; urgency=medium
* debian/libraw23.symbols: more symbols fixing
-- Matteo F. Vescovi <mfv@debian.org> Mon, 24 Jul 2023 14:22:16 +0200
libraw (0.21.1-6) unstable; urgency=medium
* debian/patches/: patchset updated
- 0002-raw-identify-use-fallback-if-PATH_MAX-not-available.patch added
* debian/libraw23.symbols: initial fix after gcc-13
-- Matteo F. Vescovi <mfv@debian.org> Sat, 22 Jul 2023 23:08:47 +0200
libraw (0.21.1-5) unstable; urgency=medium
* debian/patches/: patchset updated (Closes: #1036281)
- 0001-Do-not-set-shrink-flag-for-3-4-component-images.patch added
CVE-2023-1729:
| A flaw was found in LibRaw. A heap-buffer-overflow
| in raw2image_ex() caused by a maliciously crafted file
| may lead to an application crash.
-- Matteo F. Vescovi <mfv@debian.org> Wed, 05 Jul 2023 22:47:57 +0200
libraw (0.21.1-4) unstable; urgency=medium
* Upload to unstable
-- Matteo F. Vescovi <mfv@debian.org> Sun, 02 Jul 2023 16:56:51 +0200
libraw (0.21.1-3) experimental; urgency=medium
* debian/libraw23.symbols: architecture narrowing
-- Matteo F. Vescovi <mfv@debian.org> Wed, 01 Mar 2023 20:09:01 +0100
libraw (0.21.1-2) experimental; urgency=medium
* debian/libraw23.symbols: symbols fixed
-- Matteo F. Vescovi <mfv@debian.org> Mon, 27 Feb 2023 23:39:59 +0100
libraw (0.21.1-1) experimental; urgency=medium
* New upstream release
- debian/: SONAME bump 20 -> 23
* debian/libraw23.symbols:
- SONAME version bump
- file updated against v0.21.1
* debian/control: S-V bump 4.6.0 -> 4.6.2 (no changes needed)
* debian/copyright: timestamp bump for debian/
-- Matteo F. Vescovi <mfv@debian.org> Mon, 23 Jan 2023 21:21:27 +0100
libraw (0.20.2-2) unstable; urgency=medium
* debian/watch: bump version 3 -> 4
* debian/control: S-V bump 4.5.0 -> 4.6.0 (no changes needed)
* debian/libraw-doc.docs: install cpp samples (Closes: #994019)
* debian/libraw-bin.install: move sample binaries to usr/bin
* debian/NEWS: added to describe sample binaries move
* debian/rules:
- drop useless linker flags
- hardening options added
-- Matteo F. Vescovi <mfv@debian.org> Sat, 11 Sep 2021 16:56:07 +0200
libraw (0.20.2-1) unstable; urgency=medium
* New upstream release
-- Matteo F. Vescovi <mfv@debian.org> Mon, 19 Oct 2020 23:00:12 +0200
libraw (0.20.0-4) unstable; urgency=medium
* Upload to unstable
* debian/libraw20.symbols: drop duplicates and
restrict to 64 bits
-- Matteo F. Vescovi <mfv@debian.org> Tue, 18 Aug 2020 15:45:30 +0200
libraw (0.20.0-3) experimental; urgency=medium
* debian/libraw20.symbols: drop MISSING and update others
-- Matteo F. Vescovi <mfv@debian.org> Tue, 04 Aug 2020 23:43:02 +0200
libraw (0.20.0-2) experimental; urgency=medium
* debian/libraw20.symbols: file updated
-- Matteo F. Vescovi <mfv@debian.org> Tue, 04 Aug 2020 21:11:25 +0200
libraw (0.20.0-1) experimental; urgency=medium
[ Matteo F. Vescovi ]
* New upstream release
This release fixes CVE-2020-15503:
| LibRaw before 0.20-RC1 lacks a thumbnail size range check.
| This affects decoders/unpack_thumb.cpp,
| postprocessing/mem_image.cpp, and utils/thumb_utils.cpp.
| For example,
| malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs
| without validating T.tlength.
* debian/: SONAME bump 19 -> 20
* debian/control:
- debhelper bump 12 -> 13
- S-V bump 4.4.0 -> 4.5.0 (no changes needed)
- RRR set
* debian/tests/smoketest: path adapted
* debian/copyright: entries for unused files and licenses removed
* debian/rules: drop useless files installation
* debian/libraw20.symbols: missing and new symbols added
[ Sebastien Bacher ]
* debian/tests/build: use the correct compiler for
autopkgtest cross-testing. (Closes: #954886)
-- Matteo F. Vescovi <mfv@debian.org> Thu, 30 Jul 2020 00:09:36 +0200
libraw (0.19.5-1) unstable; urgency=medium
* New upstream release
-- Matteo F. Vescovi <mfv@debian.org> Wed, 28 Aug 2019 23:45:51 +0200
libraw (0.19.4-1) unstable; urgency=medium
* New upstream release
* debian/: really bump debhelper to v12
* debian/control: S-V bump 4.3.0 -> 4.4.0 (no changes needed)
-- Matteo F. Vescovi <mfv@debian.org> Fri, 09 Aug 2019 22:29:04 +0200
libraw (0.19.3-1) unstable; urgency=medium
* New upstream release
- debian/patches/: patchset dropped (applied upstream)
-- Matteo F. Vescovi <mfv@debian.org> Thu, 11 Jul 2019 22:46:26 +0200
# Older entries have been removed from this changelog.
# To read the complete changelog use `apt changelog libraw23t64`.
Generated by dwww version 1.16 on Sat Dec 13 16:25:52 CET 2025.