[ubuntu/groovy-updates] exiv2 0.27.3-3ubuntu0.4 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Tue May 25 15:28:26 UTC 2021
exiv2 (0.27.3-3ubuntu0.4) groovy-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2021-29463.patch: Improve bound checking in
WebPImage::doWriteMetadata() in src/webpimage.cpp.
- CVE-2021-29463
* SECURITY UPDATE: Heap buffer overflow
- debian/patches/CVE-2021-29464.patch: better bounds checking in
Jp2Image::encodeJp2Header() in src/jp2image.cpp.
- CVE-2021-29464
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2021-29473.patch: Add bounds check in
Jp2Image::doWriteMetadata() in src/jp2image.cpp.
- CVE-2021-29473
* SECURITY UPDATE: Leak bytes of stack memory
- debian/patches/CVE-2021-29623.patch: Use readOrThrow to check error
conditions of iIo.read() src/webpimage.cpp.
- CVE-2021-29623
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2021-32617.patch: Fix quadratic complexity performance bug
in xmpsdk/src/XMPMeta-Parse.cpp.
- CVE-2021-32617
Date: 2021-05-24 13:50:09.462222+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/exiv2/0.27.3-3ubuntu0.4
-------------- next part --------------
Sorry, changesfile not available.
More information about the Groovy-changes
mailing list