libimage-exiftool-perl 10.80-1ubuntu0.1 source package in Ubuntu


libimage-exiftool-perl (10.80-1ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Arbitrary code execution
    - debian/patches/CVE-2021-22204.patch: Improper neutralization of user
      data in the DjVu file format in ExifTool versions 7.44 and up allows
      arbitrary code execution when parsing the malicious image. (LP: #1925985)
      Thanks to William Bowling for the bug report on Launchpad.
      Thanks to Gregor Herrmann for backporting the patch.
      From debian release 12.16+dfsg-2.
    - CVE-2021-22204

 -- hugo buddelmeijer <email address hidden>  Wed, 09 Jun 2021 20:39:41 +0200

Upload details

Uploaded by:
Hugo Buddelmeijer
Sponsored by:
Paulo Flabiano Smorigo
Uploaded to:
Original maintainer:
Ubuntu Developers
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Bionic updates universe perl
Bionic security universe perl


Bionic: [FULLYBUILT] amd64


File Size SHA-256 Checksum
libimage-exiftool-perl_10.80.orig.tar.gz 4.1 MiB bcf896600776d8ef39a867081b48426837ed5ee8ca19b53dd9d86a3179c93c93
libimage-exiftool-perl_10.80-1ubuntu0.1.debian.tar.xz 8.2 KiB 8f2c4bc6bf79196dfda0047c8000566e2a1fda12fa9cf4eb22ae431c32eb0c5f
libimage-exiftool-perl_10.80-1ubuntu0.1.dsc 2.3 KiB 1a3b2b71a7ada7ef7f5b330e3e821792886ccc56266dfd0b9857b2cc8f703f48

View changes file

Binary packages built by this source

libimage-exiftool-perl: library and program to read and write meta information in multimedia files

 Image::ExifTool is a Perl module with an included command-line application
 called exiftool for reading and writing meta information in a wide variety of
 files, including the maker note information of many digital cameras by
 various manufacturers such as Canon, Casio, FLIR, FujiFilm, GE, HP,
 JVC/Victor, Kodak, Leaf, Minolta/Konica-Minolta, Nikon, Nintendo,
 Olympus/Epson, Panasonic/Leica, Pentax/Asahi, Phase One, Reconyx, Ricoh,
 Samsung, Sanyo, Sigma/Foveon and Sony.
 The following modules/packages are recommended for specific features, e.g.
 decoding compressed and/or encrypted information from the indicated file
 types, calculating digest values for some information types, etc.:
  * Archive::Zip / libarchive-zip-perl: ZIP, DOCX, PPTX, XLSX, ODP, ODS, ODT,
    EIP, iWork
  * Unicode::LineBreak / libunicode-linebreak-perl: for column-alignment of
    alternate language output
  * POSIX::strptime / libposix-strptime-perl: for inverse date/time conversion
  * Time::Piece (in perl core): alternative to POSIX::strptime
  * IO::Compress::RawDeflate + IO::Uncompress::RawInflate (in perl core): for
    reading FLIF images