Описание
ELSA-2020-1577: exiv2 security, bug fix, and enhancement update (MODERATE)
exiv2 [0.27.2-5]
- Fix failing test Resolves: bz#1800472
[0.27.2-4]
- Drop test for the previous CVE as we test it manually and we dont have POC available Resolves: bz#1800472
[0.27.2-3]
- Fix infinite loop and hang in Jp2Image::readMetadata() Resolves: bz#1800472
[0.27.2-2] Rebuild Resolves: bz#1651917
[0.27.2-1]
- Update to 0.27.2 Resolves: bz#1651917
gegl [0.2.0-39]
- Build without exiv2 Resolves: bz#1767748
gnome-color-manager [3.28.0-3]
- Rebuild again to correctly trigger side-tag gating (exiv2) Resolves: bz#1757445
[3.28.0-2]
- Rebuild (exiv2) Resolves: bz#1757445
libgexiv2 [0.10.8-4]
- Rebuild again to correctly trigger side-tag gating (exiv2) Resolves: bz#1757444
[0.10.8-3]
- Rebuild (exiv2) Resolves: bz#1757444
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
exiv2
0.27.2-5.el8
exiv2-devel
0.27.2-5.el8
exiv2-doc
0.27.2-5.el8
exiv2-libs
0.27.2-5.el8
gegl
0.2.0-39.el8
libgexiv2
0.10.8-4.el8
libgexiv2-devel
0.10.8-4.el8
Oracle Linux x86_64
exiv2
0.27.2-5.el8
exiv2-devel
0.27.2-5.el8
exiv2-doc
0.27.2-5.el8
exiv2-libs
0.27.2-5.el8
gegl
0.2.0-39.el8
gnome-color-manager
3.28.0-3.el8
libgexiv2
0.10.8-4.el8
libgexiv2-devel
0.10.8-4.el8
Связанные CVE
Ссылки на источники
Связанные уязвимости
The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file.
The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file.
The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file.
The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0. ...