[ALSA-2022:1842] Moderate: exiv2 security, bug fix, and enhancement update
Type:
security
Severity:
moderate
Release date:
2023-03-13
Description:
Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. The following packages have been upgraded to a later upstream version: exiv2 (0.27.5). (BZ#2018422) Security Fix(es): * exiv2: stack exhaustion issue in the printIFDStructure function may lead to DoS (CVE-2020-18898) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 exiv2-0.27.5-2.el8.aarch64.rpm 7cc358a1978c9d39098dfd28a9d91f90bcbd67f518cd3b15243730ad8e81024a
aarch64 exiv2-libs-0.27.5-2.el8.aarch64.rpm bbb61fbf2e893f94ed644df63601625df0020eee6bbd8984c643ac20ce67f139
aarch64 exiv2-devel-0.27.5-2.el8.aarch64.rpm d3aa877c2b5b1355b3bdcb9478172dd1c4185711795255002f83e396232701e8
i686 exiv2-libs-0.27.5-2.el8.i686.rpm cb378401d767cd7085a19640575664f073ebc8dd1349236e1acb895efc0fba99
noarch exiv2-doc-0.27.5-2.el8.noarch.rpm df7ab4600bab9199e398fdc1b3409ed8379295fc39d1e7dbdda3b64bce8267e7
ppc64le exiv2-devel-0.27.5-2.el8.ppc64le.rpm 481c160690555f863db65c184f143cf6bd4873db6f117c1b3d9b82de96c92146
ppc64le exiv2-0.27.5-2.el8.ppc64le.rpm 6c53b3bd193621213a9878a6656168d91d0ff55ec8ef83e8c3cf14ae40d4b933
ppc64le exiv2-libs-0.27.5-2.el8.ppc64le.rpm 869dc81d57fc09feab2cf4347c7fdcc6773b493baa3eb4c562d4353abfd4e988
x86_64 exiv2-devel-0.27.5-2.el8.x86_64.rpm 69978b4162ce14244cafd4fad8900b9ca6ad25e8b097d51d93dc189cc00abf8e
x86_64 exiv2-devel-0.27.5-2.el8.x86_64.rpm 69978b4162ce14244cafd4fad8900b9ca6ad25e8b097d51d93dc189cc00abf8e
x86_64 exiv2-libs-0.27.5-2.el8.x86_64.rpm c0d7b84d277a88bf64d9a691c3cd6d5fce4c5b094390ee8223a9d5ab38da3e92
x86_64 exiv2-0.27.5-2.el8.x86_64.rpm ead9b91e3bdbc3d408a137678d7076fea374bd269f7d769811e2858cb096ad0e
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.