[ubuntu/impish-proposed] exiv2 0.27.3-3ubuntu2 (Accepted)
Leonidas Da Silva Barbosa
leo.barbosa at canonical.com
Mon May 17 14:55:14 UTC 2021
exiv2 (0.27.3-3ubuntu2) impish; urgency=medium
* SECURITY UPDATE: An out of buffer access
- debian/patches/CVE-2021-29457.patch: fix in src/jp2image.cpp
(LP: #1923479)
- CVE-2021-29457
* SECURITY UPDATE: Integer overflow
- debian/patches/CVE-2021-29458.patch: fix in src/crwimage_int.cpp
(LP: #1923479)
- CVE-2021-29458
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2021-29463.patch: Improve bound checking in
WebPImage::doWriteMetadata() in src/webpimage.cpp.
- CVE-2021-29463
* SECURITY UPDATE: Heap buffer overflow
- debian/patches/CVE-2021-29464.patch: better bounds checking in
Jp2Image::encodeJp2Header() in src/jp2image.cpp.
- CVE-2021-29464
* SECURITY UPDATE: Out-of-bounds
- debian/patches/CVE-2021-29470.patch: Add more bound checks in
Jp2Image::encodeJp2Header.
- CVE-2021-29470
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2021-29473.patch: Add bounds check in
Jp2Image::doWriteMetadata() in src/jp2image.cpp.
- CVE-2021-29743
* SECURITY UPDATE: Heap buffer overflow
- debian/patches/CVE-2021-3482.patch: fix buffer overflow
in src/jp2image.cpp.
- CVE-2021-3482
Date: Fri, 14 May 2021 09:53:39 -0300
Changed-By: Leonidas Da Silva Barbosa <leo.barbosa at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/exiv2/0.27.3-3ubuntu2
-------------- next part --------------
Format: 1.8
Date: Fri, 14 May 2021 09:53:39 -0300
Source: exiv2
Built-For-Profiles: noudeb
Architecture: source
Version: 0.27.3-3ubuntu2
Distribution: impish
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Leonidas Da Silva Barbosa <leo.barbosa at canonical.com>
Launchpad-Bugs-Fixed: 1923479
Changes:
exiv2 (0.27.3-3ubuntu2) impish; urgency=medium
.
* SECURITY UPDATE: An out of buffer access
- debian/patches/CVE-2021-29457.patch: fix in src/jp2image.cpp
(LP: #1923479)
- CVE-2021-29457
* SECURITY UPDATE: Integer overflow
- debian/patches/CVE-2021-29458.patch: fix in src/crwimage_int.cpp
(LP: #1923479)
- CVE-2021-29458
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2021-29463.patch: Improve bound checking in
WebPImage::doWriteMetadata() in src/webpimage.cpp.
- CVE-2021-29463
* SECURITY UPDATE: Heap buffer overflow
- debian/patches/CVE-2021-29464.patch: better bounds checking in
Jp2Image::encodeJp2Header() in src/jp2image.cpp.
- CVE-2021-29464
* SECURITY UPDATE: Out-of-bounds
- debian/patches/CVE-2021-29470.patch: Add more bound checks in
Jp2Image::encodeJp2Header.
- CVE-2021-29470
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2021-29473.patch: Add bounds check in
Jp2Image::doWriteMetadata() in src/jp2image.cpp.
- CVE-2021-29743
* SECURITY UPDATE: Heap buffer overflow
- debian/patches/CVE-2021-3482.patch: fix buffer overflow
in src/jp2image.cpp.
- CVE-2021-3482
Checksums-Sha1:
5b7a7ab3f436aaa4ae2043d85ca90c1b28b7daf0 2370 exiv2_0.27.3-3ubuntu2.dsc
bad429c5f2ea9f13d46eabe8a2154706b17a2f98 29096 exiv2_0.27.3-3ubuntu2.debian.tar.xz
d05cec1d0184a491099c9d6a49a960917679d4c5 11316 exiv2_0.27.3-3ubuntu2_source.buildinfo
Checksums-Sha256:
adfa1e1c829b07e36ba739a8cd51ab63b85ed01124717ec4f4704f47baf3f751 2370 exiv2_0.27.3-3ubuntu2.dsc
e31aa5ad6adaea4eba9b10221618d1c60d840d817a2b38e04f090f513c6f8b1b 29096 exiv2_0.27.3-3ubuntu2.debian.tar.xz
42326d7202e6c43248e70e2a1da8fbcd24f0d3986fa859aa0938cc476e715d5d 11316 exiv2_0.27.3-3ubuntu2_source.buildinfo
Files:
d5132a7c70aeea75baeca5fb49fbba2f 2370 graphics optional exiv2_0.27.3-3ubuntu2.dsc
5e9948fffea2fcd3ac36c722b083af9e 29096 graphics optional exiv2_0.27.3-3ubuntu2.debian.tar.xz
c86dca1a3f524ea637aba5eb598bbca0 11316 graphics optional exiv2_0.27.3-3ubuntu2_source.buildinfo
Original-Maintainer: Debian KDE Extras Team <pkg-kde-extras at lists.alioth.debian.org>
More information about the impish-changes
mailing list