ALSA-2022:1797

[ALSA-2022:1797] Moderate: compat-exiv2-026 security update

Type:

security

Severity:

moderate

Release date:

2023-03-13

Description:

Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats.

Security Fix(es):

* exiv2: stack exhaustion issue in the printIFDStructure function may lead to DoS (CVE-2020-18898)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	compat-exiv2-026-0.26-7.el8.aarch64.rpm	5255323ebec716c97ca8a9797595edd0824f88cec186496894b6541f90fee3d0
i686	compat-exiv2-026-0.26-7.el8.i686.rpm	cdeb63ad38a448dad2dcf7a8cdfc3f26bd60950101b41762e7c90ecfc3e7bd77
ppc64le	compat-exiv2-026-0.26-7.el8.ppc64le.rpm	a1836d75cb1f3bec356dda36a75b135d961c7a0f51cb62214d6ce05cf75a8713
x86_64	compat-exiv2-026-0.26-7.el8.x86_64.rpm	eb6d782db96daaac2378566761da48a134d86de738fdb4d4569c8d4463829064
x86_64	compat-exiv2-026-0.26-7.el8.x86_64.rpm	eb6d782db96daaac2378566761da48a134d86de738fdb4d4569c8d4463829064

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.