[ubuntu/hirsute-security] exiv2 0.27.3-3ubuntu1.3 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Tue May 25 14:45:55 UTC 2021
exiv2 (0.27.3-3ubuntu1.3) hirsute-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2021-29463.patch: Improve bound checking in
WebPImage::doWriteMetadata() in src/webpimage.cpp.
- CVE-2021-29463
* SECURITY UPDATE: Heap buffer overflow
- debian/patches/CVE-2021-29464.patch: better bounds checking in
Jp2Image::encodeJp2Header() in src/jp2image.cpp.
- CVE-2021-29464
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2021-29473.patch: Add bounds check in
Jp2Image::doWriteMetadata() in src/jp2image.cpp.
- CVE-2021-29473
* SECURITY UPDATE: Leak bytes of stack memory
- debian/patches/CVE-2021-29623.patch: Use readOrThrow to check error
conditions of iIo.read() src/webpimage.cpp.
- CVE-2021-29623
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2021-32617.patch: Fix quadratic complexity performance bug
in xmpsdk/src/XMPMeta-Parse.cpp.
- CVE-2021-32617
Date: 2021-05-24 13:29:18.334985+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/exiv2/0.27.3-3ubuntu1.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Hirsute-changes
mailing list