libexif-0.6.21-7.el7

エラータID: AXSA:2020-162:02

Release date: 
Thursday, June 18, 2020 - 07:27
Subject: 
libexif-0.6.21-7.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
Moderate
Description: 

The libexif packages provide a library for extracting extra information from image files.

Security Fix(es):

* libexif: several buffer over-reads in EXIF MakerNote handling can lead to information disclosure and DoS (CVE-2020-13112)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2020-13112
An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. libexif-0.6.21-7.el7.src.rpm
    MD5: 98f8647c8aa3668361350cf003acc911
    SHA-256: afe5202dc8cdc25f7bba9b180cf839c052c414335e0b60d5c19a97bcb8a66608
    Size: 1.32 MB

Asianux Server 7 for x86_64
  1. libexif-0.6.21-7.el7.x86_64.rpm
    MD5: 00116a3e102ceaca3b8cf3a40cef4fb4
    SHA-256: 5be258203469c9244540d89405622280e25da8527d7434bc77760e324def741a
    Size: 346.65 kB
  2. libexif-0.6.21-7.el7.i686.rpm
    MD5: 53e79368804e5c5730e4f3ad8c90efd3
    SHA-256: 03e08631493f0ae9dcca5da4fb4cccb0a38aa0bc29e8bb0f39771492fd40e52d
    Size: 342.71 kB