Add new comment

LibRaw 0.18.8 (update: was 0.18.3...0.18.7)

LibRaw 0.18.8 released and available on both download page and on Github repository.

This is bugfix release, changes are (compared to 0.18.2):

  • leaf_hdr_load_raw: check for image pointer for demosaiced raw
  • NOKIARAW parser: check image dimensions readed from file
  • quicktake_100_load_raw: check width/height limits
  • All legacy (RGB raw) image loaders checks for imgdata.image is not NULL
  • kodak_radc_load_raw: check image size before processing
  • legacy memory allocator: allocate max(widh,raw_width)*max(height,raw_height)
  • Fixed fuji_width handling if file is neither fuji nor DNG
  • Fixed xtrans interpolate for broken xtrans pattern
  • Fixed panasonic decoder
  • Fix for possible buffer overrun in kodak_65000 decoder
  • Fix for possible heap overrun in Canon makernotes parser
  • Fix for CVE-2017-13735
  • CVE-2017-14265: Additional check for X-Trans CFA pattern data
Please note: fixed bugs do not affect real from-camera files processing, you need to feed LibRaw by specially crafted files (e.g. run online service that accepts any file) to be affected by these problems.