[ubuntu/hirsute-security] exiv2 0.27.3-3ubuntu1.1 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Mon May 10 18:25:14 UTC 2021
exiv2 (0.27.3-3ubuntu1.1) hirsute-security; urgency=medium
* SECURITY UPDATE: Heap buffer overflow
- debian/patches/CVE-2021-3482-*.patch: fix buffer overflow
in src/jp2image.cpp and adds tests test/data/poc_1522.jp2,
tests/bugfixes/github/test_issue_1522.py.
- debian/source/include-binaries: add poc_1522.jp2 entry.
- CVE-2021-3482
* SECURITY UPDATE: An out of buffer access
- debian/patches/CVE-2021-29457.patch: fix in src/jp2image.cpp
(LP: #1923479)
- CVE-2021-29457
* SECURITY UPDATE: Integer overflow
- debian/patches/CVE-2021-29458.patch: fix in src/crwimage_int.cpp
(LP: #1923479)
- CVE-2021-29458
* SECURITY UPDATE: Out-of-bounds
- debian/patches/CVE-2021-29470-*.patch: Add more bound checks in
Jp2Image::encodeJp2Header and add some tests from/for github.
- CVE-2021-29470
Date: 2021-04-27 17:43:09.718286+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/exiv2/0.27.3-3ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Hirsute-changes
mailing list