Описание
ELSA-2020-4030: exiv2 security update (LOW)
[0.27.0-3]
- Validate relationship of the total size to the offset to avoid crash Resolves: bz#1775695
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
exiv2
0.27.0-3.el7_8
exiv2-devel
0.27.0-3.el7_8
exiv2-doc
0.27.0-3.el7_8
exiv2-libs
0.27.0-3.el7_8
Oracle Linux x86_64
exiv2
0.27.0-3.el7_8
exiv2-devel
0.27.0-3.el7_8
exiv2-doc
0.27.0-3.el7_8
exiv2-libs
0.27.0-3.el7_8
Связанные CVE
Связанные уязвимости
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp, because there is no validation of the relationship of the total size to the offset and size.
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp, because there is no validation of the relationship of the total size to the offset and size.
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp, because there is no validation of the relationship of the total size to the offset and size.
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in ...