Bug#1031790: libraw: CVE-2021-32142
David Bremner
david at tethera.net
Wed Feb 22 21:00:50 GMT 2023
Salvatore Bonaccorso <carnil at debian.org> writes:
> Source: libraw
> Version: 0.20.2-2
> Severity: important
> Tags: security upstream
> Forwarded: https://github.com/LibRaw/LibRaw/issues/400
> X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org>
> Control: fixed -1 0.21.1-1
>
> Hi,
>
> The following vulnerability was published for libraw. The wording for
> the CVE description from the feed is disputable, believe this should
> be at most DoS.
For (naughty) packages that embed libraw, is this worth
1) Trying to squeeze in a minor version update
2) waiting for stable update?
3) not worrying about for bookworm?
I know the answer is probably "it depends", just looking for feedback
and-or what other maintainers are planning on doing.
d
More information about the Pkg-phototools-devel
mailing list