exiv2 0.25-4ubuntu2 source package in Ubuntu
Changelog
exiv2 (0.25-4ubuntu2) eoan; urgency=medium
* SECURITY UPDATE: Integer overflow
- debian/patches/CVE-2018-19107-19108-*.patch: add port of enforce()
in src/enforce.hpp, use safe:add for preventing overflows in
PSD files and enforce length of image resource
section < file size in src/psdimage.cpp.
- CVE-2018-19107
- CVE-2018-19108
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2018-19535-*.patch: fixes in
PngChunk::readRawProfile in src/pngchunk.cpp.
- CVE-2018-19535
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2019-13110.patch: avoid integer overflow
in src/crwimage.cpp.
- CVE-2019-13110
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2019-13112.patch: add bound check
on allocation size in src/pngchunk.cpp.
- CVE-2019-13112
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2019-13113.patch: throw an exception
if the data location is invalid in src/crwimage.cpp,
src/crwimage_int.hpp.
- CVE-2019-13113
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2019-13114.patch: avoid null pointer
exception due to NULL return from strchr in src/http.cpp.
- CVE-2019-13114
* Add error codes from src error in order to support CVE-2018-19535
- debian/patches/0001-Added-error-codes-from-src-error.cpp-into-an-enumera.patch
-- <email address hidden> (Leonidas S. Barbosa) Mon, 15 Jul 2019 11:49:42 -0300
Upload details
- Uploaded by:
- Leonidas S. Barbosa
- Sponsored by:
- Marc Deslauriers
- Uploaded to:
- Eoan
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- graphics
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| exiv2_0.25.orig.tar.gz | 5.2 MiB | c80bfc778a15fdb06f71265db2c3d49d8493c382e516cb99b8c9f9cbde36efa4 |
| exiv2_0.25-4ubuntu2.debian.tar.xz | 33.8 KiB | 5567d21723be3f9d4946376c07d11913f8694efff039e7996bd7e956d82829a3 |
| exiv2_0.25-4ubuntu2.dsc | 2.3 KiB | 9d6dfbfc947050b74bf79e7f63ae5a9923093188227c1bebfe637ec2fffab457 |
Available diffs
- diff from 0.25-4ubuntu1 to 0.25-4ubuntu2 (6.3 KiB)
Binary packages built by this source
- exiv2: No summary available for exiv2 in ubuntu eoan.
No description available for exiv2 in ubuntu eoan.
- exiv2-dbgsym: debug symbols for exiv2
- libexiv2-14: No summary available for libexiv2-14 in ubuntu focal.
No description available for libexiv2-14 in ubuntu focal.
- libexiv2-14-dbgsym: No summary available for libexiv2-14-dbgsym in ubuntu eoan.
No description available for libexiv2-14-dbgsym in ubuntu eoan.
- libexiv2-dev: No summary available for libexiv2-dev in ubuntu eoan.
No description available for libexiv2-dev in ubuntu eoan.
- libexiv2-doc: No summary available for libexiv2-doc in ubuntu eoan.
No description available for libexiv2-doc in ubuntu eoan.
