[ubuntu/focal-proposed] exiv2 0.25-4ubuntu3 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Wed Oct 30 13:42:13 UTC 2019
exiv2 (0.25-4ubuntu3) focal; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2019-17402.patch: check offset and size
against total size in src/crwimage.cpp.
- CVE-2019-17402
Date: Fri, 25 Oct 2019 14:20:11 -0300
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/exiv2/0.25-4ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 25 Oct 2019 14:20:11 -0300
Source: exiv2
Architecture: source
Version: 0.25-4ubuntu3
Distribution: focal
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Leonidas S. Barbosa <leo.barbosa at canonical.com>
Changes:
exiv2 (0.25-4ubuntu3) focal; urgency=medium
.
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2019-17402.patch: check offset and size
against total size in src/crwimage.cpp.
- CVE-2019-17402
Checksums-Sha1:
a7d870f6d5ae3b740df6883f6bcf6a420a650715 2344 exiv2_0.25-4ubuntu3.dsc
fb614fdaf25a64c9cbc95c2d2c0e461289807649 34928 exiv2_0.25-4ubuntu3.debian.tar.xz
38516c1c44b2de4d5626f5fc9f8ea2f0d3613990 9475 exiv2_0.25-4ubuntu3_source.buildinfo
Checksums-Sha256:
e7094c02de7719efa99e575d6546a38399c9895914e2cab2efbe65748384fc9a 2344 exiv2_0.25-4ubuntu3.dsc
63b1aa592a4ae8c823d27bf30e54aa1127321dfe63ff47af240e16963215c5cd 34928 exiv2_0.25-4ubuntu3.debian.tar.xz
e0b32fe4d2a95c0e91acee09adf7bd6b143806c7e1dbf62b26f07975cd67b63b 9475 exiv2_0.25-4ubuntu3_source.buildinfo
Files:
d53c402d3a5e9eb7534b67bee2393e9a 2344 graphics optional exiv2_0.25-4ubuntu3.dsc
6b79013d07b5b79cb369914f6ea3b3dd 34928 graphics optional exiv2_0.25-4ubuntu3.debian.tar.xz
b1293715898812696d9e9644c8ac6b71 9475 graphics optional exiv2_0.25-4ubuntu3_source.buildinfo
Original-Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl25kl4ACgkQZWnYVadE
vpPAmQ/+MFdKCoEaY/077ZI8wWA1W0ycM1TfMp9W4ybRmvDJTS7l6SZIIoc618HJ
YYhq6e2gK5jYfBssrbzqwARcFi+Z3JE9OR/fPn+roquM2da5SO13PRP1vWbRP3Hw
fyYuZg4sMKl8rs6K/fspDbn/w57SVvp9RY+OOXAHEpLTwVJRP03CYsOshFSMeLJP
yHkOsmyM0oAEBJUpuA8E/Sddr5s4R5Z/D0ou9tE/bRqAUI2fHAK0Ru4KjIXMOliI
hZcuArsa8AU+NTUgEnHYDlBnV6xECM0PLEkroLx6XD5v7quSHzQwgpSzC4chjKb5
K/0F3VSITVaFuJVOJyauvH3H31uwaSkUutWyVaQeCP5jFDIWvNgMW0N0mlq6jOZL
lngInmMyynH/MqfpPb0Ne4XkXG0ATWsjU5+u+bKB43ypts6lX18tw1FCG0r01ATT
LFMdRuX9cUvWwTqqupoDJD7PG1ngrt6ZiCSnq0089+pbrzUFmm7KnhlpRZAdvThC
II/mtd0SWa8U+fEBo0gyepbR97b8EI6OG7j8HZQYsraEdqBwKeBcgKRoXGzemHVG
qDsbpnuPsKtxJEwtSj3e2Yyb+ZZ9FG6KqUEgHoWzxbjed1gaAXXsdT7UVfjgHPyl
R/egAYRNzRtLHy4H7VRN1UCNXESIACZWbvhK+yYpIz6JCM2svm8=
=FjsY
-----END PGP SIGNATURE-----
More information about the Focal-changes
mailing list