exiv2 0.25-4ubuntu1.1 source package in Ubuntu
Changelog
exiv2 (0.25-4ubuntu1.1) disco-security; urgency=medium
* SECURITY UPDATE: Integer overflow
- debian/patches/CVE-2018-19107-19108-*.patch: add port of enforce()
in src/enforce.hpp, use safe:add for preventing overflows in
PSD files and enforce length of image resource
section < file size in src/psdimage.cpp.
- CVE-2018-19107
- CVE-2018-19108
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2018-19535-*.patch: fixes in
PngChunk::readRawProfile in src/pngchunk.cpp.
- CVE-2018-19535
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2019-13110.patch: avoid integer overflow
in src/crwimage.cpp.
- CVE-2019-13110
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2019-13112.patch: add bound check
on allocation size in src/pngchunk.cpp.
- CVE-2019-13112
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2019-13113.patch: throw an exception
if the data location is invalid in src/crwimage.cpp,
src/crwimage_int.hpp.
- CVE-2019-13113
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2019-13114.patch: avoid null pointer
exception due to NULL return from strchr in src/http.cpp.
- CVE-2019-13114
* Add error codes from src error in order to support CVE-2018-19535
- debian/patches/0001-Added-error-codes-from-src-error.cpp-into-an-enumera.patch
-- <email address hidden> (Leonidas S. Barbosa) Wed, 10 Jul 2019 15:20:16 -0300
Upload details
- Uploaded by:
- Leonidas S. Barbosa
- Uploaded to:
- Disco
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- graphics
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| exiv2_0.25.orig.tar.gz | 5.2 MiB | c80bfc778a15fdb06f71265db2c3d49d8493c382e516cb99b8c9f9cbde36efa4 |
| exiv2_0.25-4ubuntu1.1.debian.tar.xz | 33.8 KiB | 9f7b4cfbfd386cb19bbf8281b349d6a462b7c300c8e466ed27b62c76b3af1e71 |
| exiv2_0.25-4ubuntu1.1.dsc | 2.3 KiB | 5854e7ebea44b9fc0a71fbb2266507009c0a687016443f1d253df161d66c73fc |
Available diffs
Binary packages built by this source
- exiv2: No summary available for exiv2 in ubuntu disco.
No description available for exiv2 in ubuntu disco.
- exiv2-dbgsym: No summary available for exiv2-dbgsym in ubuntu disco.
No description available for exiv2-dbgsym in ubuntu disco.
- libexiv2-14: No summary available for libexiv2-14 in ubuntu disco.
No description available for libexiv2-14 in ubuntu disco.
- libexiv2-14-dbgsym: No summary available for libexiv2-14-dbgsym in ubuntu disco.
No description available for libexiv2-14-dbgsym in ubuntu disco.
- libexiv2-dev: No summary available for libexiv2-dev in ubuntu disco.
No description available for libexiv2-dev in ubuntu disco.
- libexiv2-doc: No summary available for libexiv2-doc in ubuntu disco.
No description available for libexiv2-doc in ubuntu disco.
