Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.4:Update
patchinfo.26338
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.26338
<patchinfo incident="26338"> <issue tracker="bnc" id="1142675">VUL-1: CVE-2019-13108: exiv2: integer overflow PngImage:readMetadata leads to denial of service</issue> <issue tracker="bnc" id="1188733">VUL-0: CVE-2021-31291: exiv2: A heap-based buffer overflow vulnerability in jp2image.cpp may lead to a denial of service via crafted metadata</issue> <issue tracker="bnc" id="1068871">VUL-1: CVE-2017-1000128: exiv2: Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser</issue> <issue tracker="bnc" id="1186053">VUL-0: CVE-2021-29623: kdegraphics4,exiv2,libgexiv2: Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A read of uninitialized memory was found in Exiv2 versions v0.2</issue> <issue tracker="bnc" id="1188645">VUL-0: CVE-2020-19716: exiv2: A buffer overflow vulnerability in the Databuf function in types.cpp of Exiv2 v0.27.1 leads to a denial of service (DOS).</issue> <issue tracker="bnc" id="1185447">VUL-0: CVE-2021-29470: exiv2: out-of-bounds read in Exiv2:Jp2Image:encodeJp2Header</issue> <issue tracker="bnc" id="1189333">VUL-0: CVE-2021-37621: exiv2: DoS due to infinite loop in Image:printIFDStructure</issue> <issue tracker="bnc" id="1185002">VUL-0: CVE-2021-29457: exiv2: heap buffer overflow when write metadata into a crafted image file</issue> <issue tracker="bnc" id="1186192">VUL-0: CVE-2021-32617: exiv2: An inefficient algorithm (quadratic complexity) can cause a denial of service when run on a malicious crafted image file</issue> <issue tracker="bnc" id="1189332">VUL-1: CVE-2021-37620: exiv2: exiv2: out-of-bounds read in XmpTextValue:read()</issue> <issue tracker="bnc" id="1185218">GCC 11: exiv2 build fails on i586</issue> <issue tracker="bnc" id="1189334">VUL-0: CVE-2021-37622: exiv2: exiv2: DoS due to infinite loop in JpegBase:printStructure</issue> <issue tracker="bnc" id="1189338">VUL-0: CVE-2021-34334: exiv2: exiv2: DoS due to integer overflow in loop counter</issue> <issue tracker="bnc" id="1189335">VUL-0: CVE-2021-37623: exiv2: exiv2: DoS due to infinite loop in JpegBase:printStructure</issue> <issue tracker="bnc" id="1185913">VUL-0: CVE-2021-29463: exiv2,kdegraphics4,libgexiv2: An out-of-bounds read was found in webpimage.cpp</issue> <issue tracker="bnc" id="1189338">VUL-0: CVE-2021-34334: exiv2: exiv2: DoS due to integer overflow in loop counter</issue> <issue tracker="bnc" id="1142679">VUL-1: CVE-2019-13111: exiv2: integer overflow in WebPImage:decodeChunks leads to denial of service</issue> <issue tracker="bnc" id="1185913">VUL-0: CVE-2021-29463: exiv2,kdegraphics4,libgexiv2: An out-of-bounds read was found in webpimage.cpp</issue> <issue tracker="cve" id="2017-1000128"/> <issue tracker="cve" id="2019-13108"/> <issue tracker="cve" id="2020-19716"/> <issue tracker="cve" id="2021-29457"/> <issue tracker="cve" id="2021-29470"/> <issue tracker="cve" id="2021-29623"/> <issue tracker="cve" id="2021-31291"/> <issue tracker="cve" id="2021-32617"/> <issue tracker="cve" id="2021-37620"/> <issue tracker="cve" id="2021-37621"/> <issue tracker="cve" id="2021-37622"/> <issue tracker="cve" id="2021-37623"/> <issue tracker="cve" id="2021-34334"/> <issue tracker="cve" id="2021-29463"/> <issue tracker="cve" id="2021-34334"/> <issue tracker="cve" id="2019-13111"/> <issue tracker="cve" id="2021-29463"/> <issue tracker="jsc" id="PED-1393"/> <packager>dirkmueller</packager> <rating>important</rating> <category>security</category> <summary>Security update for exiv2</summary> <description>This update for exiv2 fixes the following issues: Updated to version 0.27.5 (jsc#PED-1393): - CVE-2017-1000128: Fixed stack out of bounds read in JPEG2000 parser (bsc#1068871). - CVE-2019-13108: Fixed integer overflow PngImage:readMetadata (bsc#1142675). - CVE-2020-19716: Fixed buffer overflow vulnerability in the Databuf function in types.cpp (bsc#1188645). - CVE-2021-29457: Fixed heap buffer overflow when write metadata into a crafted image file (bsc#1185002). - CVE-2021-29470: Fixed out-of-bounds read in Exiv2:Jp2Image:encodeJp2Header (bsc#1185447). - CVE-2021-29623: Fixed read of uninitialized memory (bsc#1186053). - CVE-2021-31291: Fixed heap-based buffer overflow in jp2image.cpp (bsc#1188733). - CVE-2021-32617: Fixed denial of service due to inefficient algorithm (bsc#1186192). - CVE-2021-37620: Fixed out-of-bounds read in XmpTextValue:read() (bsc#1189332). - CVE-2021-37621: Fixed DoS due to infinite loop in Image:printIFDStructure (bsc#1189333). - CVE-2021-37622: Fixed DoS due to infinite loop in JpegBase:printStructure (bsc#1189334) - CVE-2021-34334: Fixed DoS due to integer overflow in loop counter(bsc#1189338) - CVE-2021-37623: Fixed DoS due to infinite loop in JpegBase:printStructure (bsc#1189335) - CVE-2021-29463: Fixed out-of-bounds read in webpimage.cpp (bsc#1185913). - CVE-2021-34334: Fixed DoS due to integer overflow in loop counter (bsc#1189338) - CVE-2019-13111: Fixed integer overflow in WebPImage:decodeChunks that lead to denial of service (bsc#1142679) - CVE-2021-29463: Fixed an out-of-bounds read was found in webpimage.cpp (bsc#1185913) Bugfixes: - Fixed build using GCC 11 (bsc#1185218). A new libexiv2-2_27 shared library is shipped, the libexiv2-2_26 is provided only for compatibility now. Please recompile your applications using the exiv2 library. </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor