[ubuntu/focal-security] jhead 1:3.04-1ubuntu0.1 (Accepted)
George-Andrei Iosif
andrei.iosif at canonical.com
Tue May 23 06:43:02 UTC 2023
jhead (1:3.04-1ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: heap buffer overflow when processing the DQT markers
- debian/patches/CVE-2020-6624.patch: Adds further DQT verifications in
jpgqguess.c.
- CVE-2020-6624
* SECURITY UPDATE: heap out-of-bounds read when processing longitude tags
- debian/patches/CVE-2020-6625.patch: Adds further verifications in
gpsinfo.c.
- CVE-2020-6625
* SECURITY UPDATE: heap buffer overflow when reading JPEG sections
- debian/patches/CVE-2020-26208.patch: Allocates additional 20 bytes in
jpgfile.c.
- CVE-2020-26208
* SECURITY UPDATE: heap out-of-bounds read when processing Canon images
- debian/patches/CVE-2021-28276_28278.patch: Adds further verifications in
makernote.c.
- CVE-2021-28276
* SECURITY UPDATE: heap buffer overflow when removing a certain type of
section
- debian/patches/CVE-2021-28276_28278.patch: Adds further verifications
while processing nested EXIF directories in exif.c.
- CVE-2021-28278
Date: 2023-05-18 08:43:07.668617+00:00
Changed-By: George-Andrei Iosif <andrei.iosif at canonical.com>
https://launchpad.net/ubuntu/+source/jhead/1:3.04-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list