[ALSA-2021:3152] Important: exiv2 security update
Type:
security
Severity:
important
Release date:
2021-08-18
Description:
Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. Security Fix(es): * exiv2: Heap-based buffer overflow vulnerability in jp2image.cpp (CVE-2021-31291) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
noarch exiv2-doc-0.27.3-3.el8_4.noarch.rpm 16aba0a97d57c60bc3109fdcb9497e42372be57667f6ad060e146b9a69f1d2c7
x86_64 exiv2-devel-0.27.3-3.el8_4.x86_64.rpm 87d2931076533b41afc31151df18caa4cf8664dae701fa0119231af92ee82eb6
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.