libimage-exiftool-perl 12.05-1ubuntu0.1 source package in Ubuntu

Changelog

libimage-exiftool-perl (12.05-1ubuntu0.1) groovy-security; urgency=medium

  * SECURITY UPDATE: Arbitrary code execution
    - debian/patches/CVE-2021-22204.patch: Improper neutralization of user
      data in the DjVu file format in ExifTool versions 7.44 and up allows
      arbitrary code execution when parsing the malicious image. (LP: #1925985)
      Thanks to William Bowling for the bug report on Launchpad.
      Thanks to Gregor Herrmann for backporting the patch.
      From debian release 12.16+dfsg-2.
    - CVE-2021-22204

 -- hugo buddelmeijer <email address hidden>  Wed, 09 Jun 2021 20:39:41 +0200

Upload details

Uploaded by:
Hugo Buddelmeijer on 2021-06-10
Sponsored by:
Paulo Flabiano Smorigo
Uploaded to:
Groovy
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
perl
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Groovy updates on 2021-06-10 universe perl
Groovy security on 2021-06-10 universe perl

Builds

Groovy: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
libimage-exiftool-perl_12.05.orig.tar.gz 4.6 MiB 7c8572c626e6e2eda65038d1533a0f15649dfffc6bdb67a609765d1a81288bbe
libimage-exiftool-perl_12.05-1ubuntu0.1.debian.tar.xz 10.2 KiB b39afd44065bb992b88f5989b3e7fca9dfa74389c05b1a2ec179643daedc6ef1
libimage-exiftool-perl_12.05-1ubuntu0.1.dsc 2.3 KiB 9e715c4488246cc72ce3d8d36fe38880b19737a01e625e402bd6c0d7a500f377

View changes file

Binary packages built by this source

libimage-exiftool-perl: library and program to read and write meta information in multimedia files

 Image::ExifTool is a customizable set of Perl modules plus a full-featured
 command-line application called exiftool for reading and writing meta
 information in a wide variety of files, including the maker note information
 of many digital cameras by various manufacturers such as Canon, Casio, DJI,
 FLIR, FujiFilm, GE, GoPro, HP, JVC/Victor, Kodak, Leaf, Minolta/Konica-Minolta,
 Nikon, Nintendo, Olympus/Epson, Panasonic/Leica, Pentax/Asahi, Phase One,
 Reconyx, Ricoh, Samsung, Sanyo, Sigma/Foveon and Sony.
 .
 The following modules/packages are recommended for specific features, e.g.
 decoding compressed and/or encrypted information from the indicated file
 types, calculating digest values for some information types, etc.:
 .
  * Archive::Zip / libarchive-zip-perl: ZIP, DOCX, PPTX, XLSX, ODP, ODS, ODT,
    EIP, iWork
  * Unicode::LineBreak / libunicode-linebreak-perl: for column-alignment of
    alternate language output
  * POSIX::strptime / libposix-strptime-perl: for inverse date/time conversion
  * Time::Piece (in perl core): alternative to POSIX::strptime
  * IO::Compress::RawDeflate + IO::Uncompress::RawInflate (in perl core): for
    reading FLIF images