This update for libraw fixes the following issues:
The following security vulnerabilities were addressed:
CVE-2018-5813: Fixed an error within the "parse_minolta()" function
(dcraw/dcraw.c) that could be exploited to trigger an infinite loop via
a specially crafted file. This could be exploited to cause a
DoS.(boo#1103200).
CVE-2018-5815: Fixed an integer overflow in the
internal/dcraw_common.cpp:parse_qt() function, that could be exploited
to cause an infinite loop via a specially crafted Apple QuickTime file.
(boo#1103206)
CVE-2018-5810: Fixed an error within the rollei_load_raw() function
(internal/dcraw_common.cpp) that could be exploited to cause a
heap-based buffer overflow and subsequently cause a crash. (boo#1103353)
CVE-2018-5811: Fixed an error within the nikon_coolscan_load_raw()
function (internal/dcraw_common.cpp) that could be exploited to cause an
out-of-bounds read memory access and subsequently cause a crash.
(boo#1103359)
CVE-2018-5812: Fixed another error within the nikon_coolscan_load_raw()
function (internal/dcraw_common.cpp) that could be exploited to trigger
a NULL pointer dereference. (boo#1103360)
CVE-2018-5807: Fixed an error within the samsung_load_raw() function
(internal/dcraw_common.cpp) that could be exploited to cause an
out-of-bounds read memory access and subsequently cause a crash.
(boo#1103361)