Add new comment

LibRaw 0.18.6 (update: was 0.18.3, 0.18.4, and 0.18.5)

LibRaw 0.18.6 released and available on both download page and on Github repository.

This is bugfix release, changes are (compared to 0.18.2):

  • Fixed fuji_width handling if file is neither fuji nor DNG
  • Fixed xtrans interpolate for broken xtrans pattern
  • Fixed panasonic decoder
  • Fix for possible buffer overrun in kodak_65000 decoder
  • Fix for possible heap overrun in Canon makernotes parser
  • Fix for CVE-2017-13735
  • CVE-2017-14265: Additional check for X-Trans CFA pattern data
Please note: fixed bugs are not affect real from-camera files processing, you need to feed LibRaw by specially crafted files (e.g. run online service that accepts any file) to be affected by these problems.