compat-exiv2-023-0.23-2.0.1.el7.AXS7

エラータID: AXSA:2021-2379:01

Release date: 
Monday, August 23, 2021 - 08:18
Subject: 
compat-exiv2-023-0.23-2.0.1.el7.AXS7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats.

Security Fix(es):

* exiv2: Heap-based buffer overflow vulnerability in jp2image.cpp (CVE-2021-31291)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2021-31291
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-29457. Reason: This candidate is a duplicate of CVE-2021-29457. Notes: All CVE users should reference CVE-2021-29457 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. compat-exiv2-023-0.23-2.0.1.el7.AXS7.src.rpm
    MD5: 66c8cd60a910413905a421d699634239
    SHA-256: 2fe1736fd275e3859202c81d5a1da8bff0f39495154e534f9c6ddbc6bd146563
    Size: 3.26 MB

Asianux Server 7 for x86_64
  1. compat-exiv2-023-0.23-2.0.1.el7.AXS7.x86_64.rpm
    MD5: d6ba04ab93b85883503561c6aca44d8e
    SHA-256: 4d39e30d4355e7614499bb4f279a40fb7628f8e139bf8c7c8255ea0f26fd4592
    Size: 680.71 kB
  2. compat-exiv2-023-0.23-2.0.1.el7.AXS7.i686.rpm
    MD5: 262569aec4f4ae1e1c648b6dab5e6453
    SHA-256: 9505af3169f20ba2330a6045ddb35f1aa1d704d7fe46262fe6fa3223d1fbb88a
    Size: 672.06 kB