SUSE-SU-2020:0860-1 -- SLES exiv2 libexiv2-12ID: oval:org.secpod.oval:def:89000563 | Date: (C)2021-02-19 (M)2024-02-19 |
Class: PATCH | Family: unix |
This update for exiv2 fixes the following issues: - CVE-2018-17581: Fixed an excessive stack consumption in CiffDirectory:readDirectory which might have led to denial of service . - CVE-2019-13110: Fixed an integer overflow and an out of bounds read in CiffDirectory:readDirectory which might have led to denial of service . - CVE-2019-13113: Fixed a potential denial of service via an invalid data location in a CRW image . - CVE-2019-17402: Fixed an improper validation of the relationship of the total size to the offset and size in Exiv2::getULong . - CVE-2019-20421: Fixed an infinite loop triggered via an input file . - CVE-2017-9239: Fixed a segmentation fault in TiffImageEntry::doWriteImage function .
Platform: |
SUSE Linux Enterprise Server 12 SP5 |
SUSE Linux Enterprise Server 12 SP4 |