Ubuntu
exiv2 package

out of buffer access and Integer overflow in Exiv2

Bug #1923479 reported by Leonidas S. Barbosa
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
exiv2 (Ubuntu)
Fix Released
Undecided
Leonidas S. Barbosa
Revision history for this message
Leonidas S. Barbosa (leosilvab) wrote :

There are no CVEs for this issues so far.

Changed in exiv2 (Ubuntu):
assignee: nobody → Leonidas S. Barbosa (leosilvab)
status: New → In Progress
Revision history for this message
Leonidas S. Barbosa (leosilvab) wrote :

A security update will be issue in next days to fix it on Ubuntu releases.

Revision history for this message
Leonidas S. Barbosa (leosilvab) wrote :

issued*

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package exiv2 - 0.27.3-3ubuntu1.1

---------------
exiv2 (0.27.3-3ubuntu1.1) hirsute-security; urgency=medium

  * SECURITY UPDATE: Heap buffer overflow
    - debian/patches/CVE-2021-3482-*.patch: fix buffer overflow
      in src/jp2image.cpp and adds tests test/data/poc_1522.jp2,
      tests/bugfixes/github/test_issue_1522.py.
    - debian/source/include-binaries: add poc_1522.jp2 entry.
    - CVE-2021-3482
  * SECURITY UPDATE: An out of buffer access
    - debian/patches/CVE-2021-29457.patch: fix in src/jp2image.cpp
      (LP: #1923479)
    - CVE-2021-29457
  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2021-29458.patch: fix in src/crwimage_int.cpp
      (LP: #1923479)
    - CVE-2021-29458
  * SECURITY UPDATE: Out-of-bounds
    - debian/patches/CVE-2021-29470-*.patch: Add more bound checks in
      Jp2Image::encodeJp2Header and add some tests from/for github.
    - CVE-2021-29470

 -- Leonidas Da Silva Barbosa <email address hidden> Mon, 12 Apr 2021 14:47:29 -0300

Changed in exiv2 (Ubuntu):
status: In Progress → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package exiv2 - 0.27.3-3ubuntu0.2

---------------
exiv2 (0.27.3-3ubuntu0.2) groovy-security; urgency=medium

  * SECURITY UPDATE: Heap buffer overflow
    - debian/patches/CVE-2021-3482-*.patch: fix buffer overflow
      in src/jp2image.cpp and adds tests test/data/poc_1522.jp2,
      tests/bugfixes/github/test_issue_1522.py.
    - debian/source/include-binaries: add poc_1522.jp2 entry.
    - CVE-2021-3482
  * SECURITY UPDATE: An out of buffer access
    - debian/patches/CVE-2021-29457.patch: fix in src/jp2image.cpp
      (LP: #1923479)
    - CVE-2021-29457
  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2021-29458.patch: fix in src/crwimage_int.cpp
      (LP: #1923479)
    - CVE-2021-29458
  * SECURITY UPDATE: Out-of-bounds
    - debian/patches/CVE-2021-29470-*.patch: Add more bound checks in
      Jp2Image::encodeJp2Header and add some tests from/for github.
    - CVE-2021-29470

 -- Leonidas Da Silva Barbosa <email address hidden> Mon, 12 Apr 2021 15:25:12 -0300

Changed in exiv2 (Ubuntu):
status: In Progress → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package exiv2 - 0.27.2-8ubuntu2.2

---------------
exiv2 (0.27.2-8ubuntu2.2) focal-security; urgency=medium

  * SECURITY UPDATE: Heap buffer overflow
    - debian/patches/CVE-2021-3482-*.patch: fix buffer overflow
      in src/jp2image.cpp and adds tests test/data/poc_1522.jp2,
      tests/bugfixes/github/test_issue_1522.py.
    - debian/source/include-binaries: add poc_1522.jp2 entry.
    - CVE-2021-3482
  * SECURITY UPDATE: An out of buffer access
    - debian/patches/CVE-2021-29457.patch: fix in src/jp2image.cpp
      (LP: #1923479)
    - CVE-2021-29457
  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2021-29458.patch: fix in src/crwimage_int.cpp
      (LP: #1923479)
    - CVE-2021-29458
  * SECURITY UPDATE: Out-of-bounds
    - debian/patches/CVE-2021-29470-*.patch: Add more bound checks in
      Jp2Image::encodeJp2Header and add some tests from/for github.
    - CVE-2021-29470

 -- Leonidas Da Silva Barbosa <email address hidden> Tue, 13 Apr 2021 09:49:39 -0300

Changed in exiv2 (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.