On Mon, 21 Mar 2016 12:06:38 +0100, Moritz Muehlenhoff <j...@debian.org> said:
> CVE-2015-8366 in dcraw also affects ufraw. The dcraw upstream fix is > https://github.com/LibRaw/LibRaw/commit/89d065424f09b788f443734d44857289489ca9e2 It looks like ufraw (and probably all other dcraw-derived packages) is also affected by CVE-2015-8367 https://github.com/LibRaw/LibRaw/commit/490ef94d1796f730180039e80997efe5c58db780 which I'll fix as well in the next ufraw upload. -- Hubert Chathi <uho...@debian.org> -- Jabber: hub...@uhoreg.ca PGP/GnuPG key: 4096R/113A1368 https://www.uhoreg.ca/ Fingerprint: F24C F749 6C73 DDB8 DCB8 72DE B2DE 88D3 113A 1368