[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

423868

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

CESA-2020:4040 -- centos 7 libexif

ID: oval:org.secpod.oval:def:205629Date: (C)2020-10-28   (M)2023-12-20
Class: PATCHFamily: unix




The libexif packages provide a library for extracting extra information from image files. The following packages have been upgraded to a later upstream version: libexif . Security Fix: * libexif: out of bound write in exif-data.c * libexif: out of bounds read due to a missing bounds check in exif_data_save_data_entry function in exif-data.c * libexif: use of uninitialized memory in EXIF Makernote handling can lead to crashes and use-after-free * libexif: unrestricted size in handling Canon EXIF MakerNote data can lead to consumption of large amounts of compute time * libexif: out of bounds read due to a missing bounds check in exif_entry_get_value function in exif-entry.c * libexif: divide-by-zero in exif_entry_get_value function in exif-entry.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.

Platform:
CentOS 7
Product:
libexif
Reference:
CESA-2020:4040
CVE-2019-9278
CVE-2020-0093
CVE-2020-0182
CVE-2020-12767
CVE-2020-13113
CVE-2020-13114
CVE    6
CVE-2020-0093
CVE-2020-0182
CVE-2020-13114
CVE-2020-13113
...
CPE    2
cpe:/a:curtis_galloway:libexif
cpe:/o:centos:centos:7

© SecPod Technologies