CVE-2015-8367 in Ubuntu

CVE-2015-8367

Priority

Description

The phase_one_correct function in Libraw before 0.17.1 allows attackers to
cause memory errors and possibly execute arbitrary code, related to memory
object initialization.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8367
https://usn.ubuntu.com/usn/usn-3492-1

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806809

Assigned-to

mdeslaur

Notes

Package

Source: darktable (LP Ubuntu Debian)

Upstream:	not-affected (code not present)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was needed)
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (code not present)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (code not present)
Ubuntu 19.10 (Eoan Ermine):	not-affected (code not present)
Ubuntu 20.04 (Focal Fossa):	not-affected (code not present)

Package

Source: dcraw (LP Ubuntu Debian)

Upstream:	not-affected (code not present)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was needed)
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (code not present)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (code not present)
Ubuntu 19.10 (Eoan Ermine):	not-affected (code not present)
Ubuntu 20.04 (Focal Fossa):	not-affected (code not present)

Package

Source: exactimage (LP Ubuntu Debian)

Upstream:	needed
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was needed)
Ubuntu 16.04 LTS (Xenial Xerus):	needed
Ubuntu 18.04 LTS (Bionic Beaver):	needed
Ubuntu 19.10 (Eoan Ermine):	needed
Ubuntu 20.04 (Focal Fossa):	needed

Package

Source: kodi (LP Ubuntu Debian)

Upstream:	needed
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	needed
Ubuntu 18.04 LTS (Bionic Beaver):	needed
Ubuntu 19.10 (Eoan Ermine):	needed
Ubuntu 20.04 (Focal Fossa):	needed

Package

Source: libraw (LP Ubuntu Debian)

Upstream:	needed
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was released [0.15.4-1ubuntu0.1])
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (0.17.1-1)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (0.18.2-1)
Ubuntu 19.10 (Eoan Ermine):	not-affected (0.18.2-1)
Ubuntu 20.04 (Focal Fossa):	not-affected (0.18.2-1)

Patches:

Upstream:

https://github.com/LibRaw/LibRaw/commit/89d065424f09b788f443734d44857289489ca9e2

Package

Source: rawtherapee (LP Ubuntu Debian)

Upstream:	needed
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was needed)
Ubuntu 16.04 LTS (Xenial Xerus):	needed
Ubuntu 18.04 LTS (Bionic Beaver):	needed
Ubuntu 19.10 (Eoan Ermine):	needed
Ubuntu 20.04 (Focal Fossa):	needed

Package

Source: ufraw (LP Ubuntu Debian)

Upstream:	not-affected (code not present)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was needed)
Ubuntu 16.04 LTS (Xenial Xerus):	not-affected (code not present)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (code not present)
Ubuntu 19.10 (Eoan Ermine):	DNE
Ubuntu 20.04 (Focal Fossa):	DNE

Package

Source: xbmc (LP Ubuntu Debian)

Upstream:	not-affected (code not present)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was not-affected [code not present])
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 19.10 (Eoan Ermine):	DNE
Ubuntu 20.04 (Focal Fossa):	DNE

More Information

Updated: 2020-01-29 18:23:45 UTC (commit 40f18bf14da5fb50662e1f861ea594a462b207fe)