SUSE-SU-2020:1534-1 -- SLES libexifID: oval:org.secpod.oval:def:89000410 | Date: (C)2021-02-19 (M)2023-12-20 |
Class: PATCH | Family: unix |
This update for libexif fixes the following issues: Security issues fixed: - CVE-2016-6328: Fixed an integer overflow in parsing MNOTE entry data of the input file . - CVE-2017-7544: Fixed an out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c . - CVE-2018-20030: Fixed a denial of service by endless recursion . - CVE-2019-9278: Fixed an integer overflow . - CVE-2020-0093: Fixed an out-of-bounds read in exif_data_save_data_entry . - CVE-2020-12767: Fixed a divide-by-zero error in exif_entry_get_value . - CVE-2020-13112: Fixed a time consumption DoS when parsing canon array markers . - CVE-2020-13113: Fixed a potential use of uninitialized memory . - CVE-2020-13114: Fixed various buffer overread fixes due to integer overflows in maker notes . Non-security issues fixed: - libexif was updated to version 0.6.22: * New translations: ms * Updated translations for most languages * Some useful EXIF 2.3 tag added: * EXIF_TAG_GAMMA * EXIF_TAG_COMPOSITE_IMAGE * EXIF_TAG_SOURCE_IMAGE_NUMBER_OF_COMPOSITE_IMAGE * EXIF_TAG_SOURCE_EXPOSURE_TIMES_OF_COMPOSITE_IMAGE * EXIF_TAG_GPS_H_POSITIONING_ERROR * EXIF_TAG_CAMERA_OWNER_NAME * EXIF_TAG_BODY_SERIAL_NUMBER * EXIF_TAG_LENS_SPECIFICATION * EXIF_TAG_LENS_MAKE * EXIF_TAG_LENS_MODEL * EXIF_TAG_LENS_SERIAL_NUMBER
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
SUSE Linux Enterprise Server 12 SP2 |
SUSE Linux Enterprise Server 12 SP5 |
SUSE Linux Enterprise Server 12 SP4 |