libraw.so is vulnerable to out-of-bound reads. A malicious user can pass a file to the kodak_radc_load_raw()
function in dcraw_common.cpp
to cause an out-of-bounds read that can crash the application.
access.redhat.com/errata/RHSA-2018:3065
bugzilla.redhat.com/show_bug.cgi?id=1553335
github.com/LibRaw/LibRaw/blob/master/Changelog.txt
github.com/LibRaw/LibRaw/commit/8682ad204392b91
github.com/LibRaw/LibRaw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4
lists.debian.org/debian-lts-announce/2019/03/msg00036.html
secuniaresearch.flexerasoftware.com/advisories/79000/
secuniaresearch.flexerasoftware.com/secunia_research/2018-1/
usn.ubuntu.com/3615-1/