diff -Nru libkdcraw-4.10.2/debian/changelog libkdcraw-4.10.2/debian/changelog
--- libkdcraw-4.10.2/debian/changelog 2013-04-05 13:45:58.000000000 -0400
+++ libkdcraw-4.10.2/debian/changelog 2013-06-20 15:41:37.000000000 -0400
@@ -1,3 +1,16 @@
+libkdcraw (4:4.10.2-0ubuntu1.1) raring-security; urgency=low
+
+ * SECURITY UPDATE: denial of service and possible code execution via
+ broken full-color images and a buffer overflow (LP: #1193065)
+ - debian/patches/CVE2013-2126.diff: fix error handling in
+ libraw/src/libraw_cxx.cpp.
+ - CVE-2013-2126
+ - debian/patches/CVE2013-2127.diff: fix wrong data_maximum calcluation
+ in libraw/src/libraw_cxx.cpp.
+ - CVE-2013-2127
+
+ -- Scott Kitterman Thu, 20 Jun 2013 15:38:37 -0400
+
 libkdcraw (4:4.10.2-0ubuntu1) raring; urgency=low
 
 * New upstream bugfix release
diff -Nru libkdcraw-4.10.2/debian/patches/CVE2013-2126.diff libkdcraw-4.10.2/debian/patches/CVE2013-2126.diff
--- libkdcraw-4.10.2/debian/patches/CVE2013-2126.diff 1969-12-31 19:00:00.000000000 -0500
+++ libkdcraw-4.10.2/debian/patches/CVE2013-2126.diff 2013-06-20 15:30:11.000000000 -0400
@@ -0,0 +1,31 @@
+commit 655c5ac08726eee4219d0a8830953a22d7f3d371
+Author: Gilles Caulier
+Date: Sun May 26 11:39:52 2013 +0200
+
+ update internal Libraw to last 0.15.2
+ BUGS: 320049
+
+Index: libkdcraw-4.10.2/libraw/src/libraw_cxx.cpp
+===================================================================
+--- libkdcraw-4.10.2.orig/libraw/src/libraw_cxx.cpp 2013-06-20 15:27:31.702429527 -0400
++++ libkdcraw-4.10.2/libraw/src/libraw_cxx.cpp 2013-06-20 15:28:37.966427569 -0400
+@@ -1055,11 +1055,17 @@
+ S.iheight= S.height;
+ IO.shrink = 0;
+ // allocate image as temporary buffer, size
+- imgdata.rawdata.raw_alloc = calloc(S.iwidth*S.iheight,sizeof(*imgdata.image));
+- imgdata.image = (ushort (*)[4]) imgdata.rawdata.raw_alloc;
++ imgdata.rawdata.raw_alloc = 0;
++ imgdata.image = (ushort (*)[4]) calloc(S.iwidth*S.iheight,sizeof(*imgdata.image));
+ }
+ ID.input->seek(libraw_internal_data.unpacker_data.data_offset, SEEK_SET);
+ (this->*load_raw)();
++ if (decoder_info.decoder_flags & LIBRAW_DECODER_LEGACY)
++ {
++ // successfully decoded legacy image, attach image to raw_alloc
++ imgdata.rawdata.raw_alloc = imgdata.image;
++ imgdata.image = 0;
++ }
+ }
+
+ if(imgdata.rawdata.raw_image)
diff -Nru libkdcraw-4.10.2/debian/patches/CVE2013-2127.diff libkdcraw-4.10.2/debian/patches/CVE2013-2127.diff
--- libkdcraw-4.10.2/debian/patches/CVE2013-2127.diff 1969-12-31 19:00:00.000000000 -0500
+++ libkdcraw-4.10.2/debian/patches/CVE2013-2127.diff 2013-06-20 15:31:15.000000000 -0400
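Review bot: The buffer returned by `calloc(S.iwidth*S.iheight,sizeof(*imgdata.image))` in the added lines is used without a null check: the next visible statements seek the input and call `(this->*load_raw)()`, which presumably fills `imgdata.image`. The dimensions are presumably taken from the image being decoded, so a corrupt or oversized header can make the allocation fail, and the product `S.iwidth*S.iheight` is evaluated before calloc's own overflow check (the field types are not visible here, so whether it can wrap needs confirming). I would guard right after the allocation, for example `if (!imgdata.image) throw LIBRAW_EXCEPTION_ALLOC;` if this code sits inside LibRaw's usual try/catch, and widen the count with `(size_t)S.iwidth*S.iheight`. The enclosing function and the condition that guards the allocation lie outside the hunk, so the later hand-off to `raw_alloc` under `LIBRAW_DECODER_LEGACY` should be checked against that condition as well.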
@@ -0,0 +1,57 @@
+commit 661dab8704f1a8bd401b95107a34b4b13f8b671a
+Author: Gilles Caulier
+Date: Fri May 24 23:06:52 2013 +0200
+
+ update internal libraw to 0.15.1
+ BUGS: 319731
+ FIXED-IN: 3.3.0
+
+Index: libkdcraw-4.10.2/libraw/src/libraw_cxx.cpp
+===================================================================
+--- libkdcraw-4.10.2.orig/libraw/src/libraw_cxx.cpp 2013-06-20 15:31:04.442423241 -0400
++++ libkdcraw-4.10.2/libraw/src/libraw_cxx.cpp 2013-06-20 15:31:04.434423242 -0400
+@@ -2204,14 +2204,15 @@
+ #define MAX(a,b) ((a) > (b) ? (a) : (b))
+ #define LIM(x,min,max) MAX(min,MIN(x,max))
+ #define CLIP(x) LIM(x,0,65535)
+-
+- for(i=0; i< size*4; i++)
++ int dmax = 0;
++ for(i=0; i< size*4; i++)
+ {
+ int val = imgdata.image[0][i];
+ val -= cblk[i & 3];
+ imgdata.image[0][i] = CLIP(val);
+- if(C.data_maximum < val) C.data_maximum = val;
++ if(dmax < val) dmax = val;
+ }
++ C.data_maximum = dmax & 0xffff;
+ #undef MIN
+ #undef MAX
+ #undef LIM
+@@ -2227,9 +2228,10 @@
+ // only calculate channel maximum;
+ int idx;
+ ushort *p = (ushort*)imgdata.image;
+- C.data_maximum = 0;
++ int dmax = 0;
+ for(idx=0;idx