Hi,

I find out that our libraw (0.17.0) is vulnerable to CVE-2015-{8366,
8367}[0], which is fixed in 0.17.1[1]. The patch below updates libraw to
0.17.2.