[ubuntu/bionic-security] exiv2 0.25-3.1ubuntu0.18.04.11 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Tue Aug 17 17:40:49 UTC 2021
exiv2 (0.25-3.1ubuntu0.18.04.11) bionic-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2021-32815-*.patch: adds a check of sizes
adds msgs prints for DEBUG flags in
src/crwimage_int.cpp.
- CVE-2021-32815
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2021-34334-*.patch: adds
an extra checking to prevent the loop counter from wrapping around in
crwimage.cpp; changes type of escapeStart to size_t in src/exiv2.cpp;
- CVE-2021-34334
* SECURITY UPDATE: Out-of-bounds read
- debian/patches/CVE-2021-37620-*.patch:
check that type isn't an empty string in src/values.cpp and
adds safer vector indexing in multiples files in src/*.
- CVE-2021-37620
* SECURITY UPDATE: Infinite loop
- debian/patches/CVE-2021-37622-*.patch: makes sure
that read is complete to prevent infinite loop and remove dedundant
check in src/jpgimage.cpp.
- CVE-2021-37622
* debian/patches/fix_enforce_include.patch: includes enforce in
crwimage.cpp.
Date: 2021-08-16 18:02:10.148879+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/exiv2/0.25-3.1ubuntu0.18.04.11
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list