[ubuntu/bionic-updates] exiv2 0.25-3.1ubuntu0.18.04.11 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Tue Aug 17 18:28:23 UTC 2021
exiv2 (0.25-3.1ubuntu0.18.04.11) bionic-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2021-32815-*.patch: adds a check of sizes
adds msgs prints for DEBUG flags in
src/crwimage_int.cpp.
- CVE-2021-32815
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2021-34334-*.patch: adds
an extra checking to prevent the loop counter from wrapping around in
crwimage.cpp; changes type of escapeStart to size_t in src/exiv2.cpp;
- CVE-2021-34334
* SECURITY UPDATE: Out-of-bounds read
- debian/patches/CVE-2021-37620-*.patch:
check that type isn't an empty string in src/values.cpp and
adds safer vector indexing in multiples files in src/*.
- CVE-2021-37620
* SECURITY UPDATE: Infinite loop
- debian/patches/CVE-2021-37622-*.patch: makes sure
that read is complete to prevent infinite loop and remove dedundant
check in src/jpgimage.cpp.
- CVE-2021-37622
* debian/patches/fix_enforce_include.patch: includes enforce in
crwimage.cpp.
Date: 2021-08-16 18:02:10.148879+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/exiv2/0.25-3.1ubuntu0.18.04.11
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list