libraw: patch CVE-2025-43964

Details: https://nvd.nist.gov/vuln/detail/CVE-2025-43964

Pick the patch that is referenced by the nvd report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>

meta-oe/recipes-support/libraw/libraw/CVE-2025-43964.patch

@@ -0,0 +1,25 @@
+From 0e068c2826ca6a70973ec2a75d05bc95b11e4977 Mon Sep 17 00:00:00 2001
+From: Alex Tutubalin <lexa@lexa.ru>
+Date: Sun, 2 Mar 2025 11:35:43 +0300
+Subject: [PATCH] additional checks in PhaseOne correction tag 0x412 processing
+
+CVE: CVE-2025-43964
+Upstream-Status: Backport [https://github.com/LibRaw/LibRaw/commit/a50dc3f1127d2e37a9b39f57ad9bb2ebb60f18c0]
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ src/decoders/load_mfbacks.cpp | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/decoders/load_mfbacks.cpp b/src/decoders/load_mfbacks.cpp
+index 00a9bc1e..8ba791c6 100644
+--- a/src/decoders/load_mfbacks.cpp
++++ b/src/decoders/load_mfbacks.cpp
+@@ -336,6 +336,8 @@ int LibRaw::phase_one_correct()
+       unsigned w0 = head[1] * head[3], w1 = head[2] * head[4];
+       if (w0 > 10240000 || w1 > 10240000)
+         throw LIBRAW_EXCEPTION_ALLOC;
++      if (w0 < 1 || w1 < 1)
++         throw LIBRAW_EXCEPTION_IO_CORRUPT;
+       yval[0] = (float *)calloc(head[1] * head[3] + head[2] * head[4], 6);
+       merror(yval[0], "phase_one_correct()");
+       yval[1] = (float *)(yval[0] + head[1] * head[3]);

meta-oe/recipes-support/libraw/libraw_0.20.2.bb

@@ -6,6 +6,7 @@ SRC_URI = "git://github.com/LibRaw/LibRaw.git;branch=master;protocol=https \
            file://CVE-2023-1729.patch \
            file://CVE-2025-43961-43962.patch \
            file://CVE-2025-43963.patch \
+           file://CVE-2025-43964.patch \
            "
 SRCREV = "0209b6a2caec189e6d1a9b21c10e9e49f46e5a92"
 S = "${WORKDIR}/git"