libexif-0.6.21-17.el8
エラータID: AXSA:2020-249:03
Release date:
Monday, August 3, 2020 - 00:43
Subject:
libexif-0.6.21-17.el8
Affected Channels:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
The libexif packages provide a library for extracting extra information from image files.
Security Fix(es):
* libexif: several buffer over-reads in EXIF MakerNote handling can lead to information disclosure and DoS (CVE-2020-13112)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2020-13112
An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093.
Solution:
Update packages.
CVEs:
CVE-2020-13112
An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093.
An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093.
Additional Info:
N/A
Download:
SRPMS
- libexif-0.6.21-17.el8.src.rpm
MD5: 8bdb4d01a2f1b30a2bd29feecc231bc1
SHA-256: db61649cf365257d14415c2cefc312ce503bfd0cf161ebdd04e5c41821617631
Size: 1.32 MB
Asianux Server 8 for x86_64
- libexif-0.6.21-17.el8.x86_64.rpm
MD5: 9654e317016ca9a89abc0d6eb58da266
SHA-256: 7aafa6da84c4ad3b2ff3838a9f0713fdf60ab68e69dd80626d4e861b280b28f1
Size: 354.55 kB