Commit Graph

15 Commits

Author SHA1 Message Date
Jan Grulich
81d2c76e0d Exiv2 0.27.5
Resolves: bz#2018421

Fix stack exhaustion issue in the printIFDStructure function leading to DoS
Resolves: bz#2003670
2021-11-12 10:28:24 +01:00
Jan Grulich
0f6bad762c Properly install POC files
Resolves: bz#1993247
Resolves: bz#1993284
2021-08-24 17:49:36 +02:00
Jan Grulich
20a28a73c0 Bump build version
Resolves: bz#1993247
Resolves: bz#1993284
2021-08-24 13:26:09 +02:00
Jan Grulich
c39924fe20 Include missing tests for CVEs
Resolves: bz#1993247
Resolves: bz#1993284
2021-08-24 13:17:10 +02:00
Jan Grulich
160330c325 Fix test for CVE-2021-29470
Resolves: bz#1993284
2021-08-19 12:26:02 +02:00
Jan Grulich
3c72a01f6b Fix out-of-bounds read in Exiv2::Jp2Image::printStructure
Resolves: bz#1993247

Fix out-of-bounds read in Exiv2::Jp2Image::encodeJp2Header
Resolves: bz#1993284
2021-08-18 08:48:10 +02:00
Mohan Boddu
c11c9e4733 Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
2021-08-09 19:57:50 +00:00
Jan Grulich
c648731b3a Do not duplicate changelog file
Resolves: bz#1989848
2021-08-05 07:55:46 +02:00
Jan Grulich
e8a1ebe08b 0.27.4
Resolves: bz#1989848
2021-08-04 14:59:04 +02:00
Jan Grulich
89d89dc6cf Bump version for rebuild (binutils)
Resolves: bz#1964183
Resolves: bz#1964189
2021-06-01 08:15:30 +02:00
Jan Grulich
99c067b851 CVE-2021-29623 exiv2: a read of uninitialized memory may lead to information leak
Resolves: bz#1964183

CVE-2021-32617 exiv2: DoS due to quadratic complexity in ProcessUTF8Portion
Resolves: bz#1964189
2021-05-25 12:13:08 +02:00
Jan Grulich
8210e83162 CVE-2021-3482: Fix heap-based buffer overflow in Jp2Image::readMetadata()
CVE-2021-29458 exiv2: out-of-bounds read in Exiv2::Internal::CrwMap::encode
CVE-2021-29457 exiv2: heap-based buffer overflow in Exiv2::Jp2Image::doWriteMetadata
CVE-2021-29470 exiv2: out-of-bounds read in Exiv2::Jp2Image::encodeJp2Header
CVE-2021-29473 exiv2: out-of-bounds read in Exiv2::Jp2Image::doWriteMetadata
Resolves: bz#1956174
2021-05-03 13:55:41 +02:00
Mohan Boddu
7cd05b33ca - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
2021-04-15 23:15:38 +00:00
DistroBaker
cdfa9c040d Merged update from upstream sources
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/exiv2.git#5ff549398b6b817cac9be038fd859891b329a605
2021-02-03 13:28:10 +01:00
Petr Šabata
b42a78d59b RHEL 9.0.0 Alpha bootstrap
The content of this branch was automatically imported from Fedora ELN
with the following as its source:
https://src.fedoraproject.org/rpms/exiv2#599d4f623bda8c4608969bc672e6c4392e4c35aa
2020-10-15 00:10:15 +02:00