A flaw was found in LibRaw. An error within the "parse_minolta()" function (dcraw/dcraw.c) can be exploited to trigger an infinite loop via a specially crafted file. This can be exploited by malicious people to cause a DoS (Denial of Service).
Note that there's a related follow-up patch:
This issue affects the versions of LibRaw as shipped with Red Hat Enterprise Linux 7.
Also known as Secunia Advisory SA83050 ...
(In reply to Stefan Cornelius from comment #3)
This is already in LibRaw 0.19 Beta-5 and 0.18.11.
> Note that there's a related follow-up patch:
This one is only present in the 0.19-stable branch and hasn't seen a release yet.