libimage-exiftool-perl 11.88-1ubuntu0.1 source package in Ubuntu


libimage-exiftool-perl (11.88-1ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Arbitrary code execution
    - debian/patches/CVE-2021-22204.patch: Improper neutralization of user
      data in the DjVu file format in ExifTool versions 7.44 and up allows
      arbitrary code execution when parsing the malicious image. (LP: #1925985)
      Thanks to William Bowling for the bug report on Launchpad.
      Thanks to Gregor Herrmann for backporting the patch.
      From debian release 12.16+dfsg-2.
    - CVE-2021-22204

 -- hugo buddelmeijer <email address hidden>  Wed, 09 Jun 2021 20:39:41 +0200

Upload details

Uploaded by:
Hugo Buddelmeijer on 2021-06-10
Sponsored by:
Paulo Flabiano Smorigo
Uploaded to:
Original maintainer:
Ubuntu Developers
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Focal updates on 2021-06-10 universe perl
Focal security on 2021-06-10 universe perl


Focal: [FULLYBUILT] amd64


File Size SHA-256 Checksum
libimage-exiftool-perl_11.88.orig.tar.gz 4.5 MiB 924a08f8aa120c05f588937d55bbd6c5ab48aeab012083d668ed91dae1bb88a4
libimage-exiftool-perl_11.88-1ubuntu0.1.debian.tar.xz 9.6 KiB e98ddaa2aee1ef0f34a9be8f7d1ceda37bdd5e56de0a275cacb16a5ffa8ec820
libimage-exiftool-perl_11.88-1ubuntu0.1.dsc 2.3 KiB 41016de843940de897aed21b44e78848a567ef654d2e218e46216a3816c26f2e

View changes file

Binary packages built by this source

libimage-exiftool-perl: library and program to read and write meta information in multimedia files

 Image::ExifTool is a customizable set of Perl modules plus a full-featured
 command-line application called exiftool for reading and writing meta
 information in a wide variety of files, including the maker note information
 of many digital cameras by various manufacturers such as Canon, Casio, DJI,
 FLIR, FujiFilm, GE, GoPro, HP, JVC/Victor, Kodak, Leaf, Minolta/Konica-Minolta,
 Nikon, Nintendo, Olympus/Epson, Panasonic/Leica, Pentax/Asahi, Phase One,
 Reconyx, Ricoh, Samsung, Sanyo, Sigma/Foveon and Sony.
 The following modules/packages are recommended for specific features, e.g.
 decoding compressed and/or encrypted information from the indicated file
 types, calculating digest values for some information types, etc.:
  * Archive::Zip / libarchive-zip-perl: ZIP, DOCX, PPTX, XLSX, ODP, ODS, ODT,
    EIP, iWork
  * Unicode::LineBreak / libunicode-linebreak-perl: for column-alignment of
    alternate language output
  * POSIX::strptime / libposix-strptime-perl: for inverse date/time conversion
  * Time::Piece (in perl core): alternative to POSIX::strptime
  * IO::Compress::RawDeflate + IO::Uncompress::RawInflate (in perl core): for
    reading FLIF images