Описание
Security update for jhead
This update for jhead fixes the following issues:
jhead was updated to 3.06.0.1
- lot of fuzztest fixes
- Apply a whole bunch of patches from Debian.
- Spell check and fuzz test stuff from Debian, nothing useful to human users.
- Add option to set exif date from date from another file.
- Bug fixes relating to fuzz testing.
- Fix bug where thumbnail replacement DID NOT WORK.
- Fix bug when no orientation tag is present
- Fix bug of not clearing exif information when processing images with an without exif data in one invocation.
- Remove some unnecessary warnings with some types of GPS data
- Remove multiple copies of the same type of section when deleting section types
Список пакетов
openSUSE Leap 15.2
Ссылки
- E-Mail link for openSUSE-SU-2021:0743-1
- SUSE Security Ratings
- SUSE Bug 1144316
- SUSE Bug 1144354
- SUSE Bug 1160544
- SUSE Bug 1160547
- SUSE CVE CVE-2016-3822 page
- SUSE CVE CVE-2018-16554 page
- SUSE CVE CVE-2018-17088 page
- SUSE CVE CVE-2018-6612 page
- SUSE CVE CVE-2019-1010301 page
- SUSE CVE CVE-2019-1010302 page
- SUSE CVE CVE-2020-6624 page
- SUSE CVE CVE-2020-6625 page
- SUSE CVE CVE-2021-3496 page
Описание
exif.c in Matthias Wandel jhead 2.87, as used in libjhead in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds access) via crafted EXIF data, aka internal bug 28868315.
Затронутые продукты
Ссылки
- CVE-2016-3822
- SUSE Bug 1108480
- SUSE Bug 1108672
Описание
The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of inconsistency between float and double in a sprintf format string during TAG_GPS_ALT handling.
Затронутые продукты
Ссылки
- CVE-2018-16554
- SUSE Bug 1108480
- SUSE Bug 1108672
Описание
The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because there is an integer overflow during a check for whether a location exceeds the EXIF data length. This is analogous to the CVE-2016-3822 integer overflow in exif.c. This gpsinfo.c vulnerability is unrelated to the CVE-2018-16554 gpsinfo.c vulnerability.
Затронутые продукты
Ссылки
- CVE-2018-17088
- SUSE Bug 1108480
- SUSE Bug 1108672
Описание
An integer underflow bug in the process_EXIF function of the exif.c file of jhead 3.00 raises a heap-based buffer over-read when processing a malicious JPEG file, which may allow a remote attacker to cause a denial-of-service attack or unspecified other impact.
Затронутые продукты
Ссылки
- CVE-2018-6612
- SUSE Bug 1079349
Описание
jhead 3.03 is affected by: Buffer Overflow. The impact is: Denial of service. The component is: gpsinfo.c Line 151 ProcessGpsInfo(). The attack vector is: Open a specially crafted JPEG file.
Затронутые продукты
Ссылки
- CVE-2019-1010301
- SUSE Bug 1144316
Описание
jhead 3.03 is affected by: Incorrect Access Control. The impact is: Denial of service. The component is: iptc.c Line 122 show_IPTC(). The attack vector is: the victim must open a specially crafted JPEG file.
Затронутые продукты
Ссылки
- CVE-2019-1010302
- SUSE Bug 1144354
Описание
jhead through 3.04 has a heap-based buffer over-read in process_DQT in jpgqguess.c.
Затронутые продукты
Ссылки
- CVE-2020-6624
- SUSE Bug 1160547
Описание
jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c.
Затронутые продукты
Ссылки
- CVE-2020-6625
- SUSE Bug 1160544
Описание
A heap-based buffer overflow was found in jhead in version 3.06 in Get16u() in exif.c when processing a crafted file.
Затронутые продукты
Ссылки
- CVE-2021-3496
- SUSE Bug 1184756