Download
| Alert*
oval:org.secpod.oval:def:705245
exiv2: EXIF/IPTC/XMP metadata manipulation tool Exiv2 could be made to crash if it received a specially crafted file. oval:org.secpod.oval:def:1504917 [0.27.3-2] - Avoid duplicating Changelog file Resolves: bz#1880984 [0.27.3-1] - Update to 0.27.3 Resolves: bz#1880984 oval:org.secpod.oval:def:4501350 The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 . Security Fix: * exiv2: out-of-bounds read in CiffDirectory::readDirectory due to la ... oval:org.secpod.oval:def:506150 The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 . Security Fix: * exiv2: out-of-bounds read in CiffDirectory::readDirectory due to la ... oval:org.secpod.oval:def:3301007 SUSE Security Update: Security update for exiv2-0_26 oval:org.secpod.oval:def:73604 The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 . Security Fix: * exiv2: out-of-bounds read in CiffDirectory::readDirectory due to la ... oval:org.secpod.oval:def:89000563 This update for exiv2 fixes the following issues: - CVE-2018-17581: Fixed an excessive stack consumption in CiffDirectory:readDirectory which might have led to denial of service . - CVE-2019-13110: Fixed an integer overflow and an out of bounds read in CiffDirectory:readDirectory which might have le ... oval:org.secpod.oval:def:504332 The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. Security Fix: * exiv2: out-of-bounds read in CiffDirectory::readDirectory due to lack of size check For more details about the security issue, including the impac ... oval:org.secpod.oval:def:59597 exiv2: EXIF/IPTC/XMP metadata manipulation tool Exiv2 could be made to crash if it received a specially crafted file. oval:org.secpod.oval:def:89047949 This update for exiv2-0_26 fixes the following issues: - CVE-2019-17402: Fixed improper validation of the total size to the offset and size leads to a crash in Exiv2::getULong in types.cpp . - CVE-2018-20098: Fixed a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header . - CVE-2018-17581: ... oval:org.secpod.oval:def:1504275 [0.27.0-3] - Validate relationship of the total size to the offset to avoid crash Resolves: bz#1775695 oval:org.secpod.oval:def:89047997 This update for exiv2 fixes the following issues: - CVE-2019-13110: Fixed an integer-overflow and out-of-bounds read in CiffDirectory:readDirectory leads to denail of service . - CVE-2019-13109: Fixed a denial of service in PngImage:readMetadata . - CVE-2018-17581: Fixed an excessive stack consumpti ... oval:org.secpod.oval:def:1801651 Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp, because there is no validation of the relationship of the total size to the offset and size. oval:org.secpod.oval:def:2500238 The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. oval:org.secpod.oval:def:1700442 An out of bounds read vulnerability was discovered in the way exiv2 parses Canon raw format images. An application that uses exiv2 library to parse untrusted images may be vulnerable to this flaw, which could be used by an attacker to extract data from the application"s memory or make it crash. The ... oval:org.secpod.oval:def:205638 The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. Security Fix: * exiv2: out-of-bounds read in CiffDirectory::readDirectory due to lack of size check For more details about the security issue, including the impac ... |