Debian Security Advisory 4958-1

Debian Security Advisory 4958-1: Posted Aug 28, 2021; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4958-1 - Several vulnerabilities have been discovered in Exiv2, a C++ library and a command line utility to manage image metadata which could result in denial of service or the execution of arbitrary code if a malformed file is parsed.; tags | advisory, denial of service, arbitrary, vulnerability; systems | linux, debian; advisories | CVE-2019-20421, CVE-2021-29457, CVE-2021-29473, CVE-2021-31292, CVE-2021-3482; SHA-256 | ce39898f17e1fdc88655eae8c1df6a05ea93369c0eca23b7aadf728f15c01b45; Download | Favorite | View

Debian Security Advisory 4958-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4958-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
August 13, 2021                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : exiv2
CVE ID         : CVE-2019-20421 CVE-2021-3482 CVE-2021-29457
                 CVE-2021-29473 CVE-2021-31292

Several vulnerabilities have been discovered in Exiv2, a C++ library and
a command line utility to manage image metadata which could result in
denial of service or the execution of arbitrary code if a malformed
file is parsed.

For the stable distribution (buster), these problems have been fixed in
version 0.25-4+deb10u2.

We recommend that you upgrade your exiv2 packages.

For the detailed security status of exiv2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/exiv2

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmEW288ACgkQEMKTtsN8
TjZYjBAAthvNoNpRDMdiBEALY9RbyOucB+l1UmFpMyhDNvJjeTL+Bgv4zmJwXVSY
tzsc7YgcRl226ctBS7Ug89P/i/SD4/I3PrDGOI85tiQQ98UN9132RRqxYsu8U2Ku
fpwzwfReRr8f1vuZRvnLzkAF0OQIAzwz9aCsaTG4VPywWz3ZySSXtWXAjT0cTBK5
8wXWJh2UgLF6uYlRkopxrou8vHrwXyJX6bO2v6DF0pToq4EU/bIdnfWzEddByxtp
BcQ9ZZoY283Hhy/W1dDyuRsmgiPQtM5ow2NFd+UqixpxZonetP0DX9Xiijvkrjgl
SryAvkRb3IlKDcDJdU5BoLbUhpmLqHR0WRWMy3Ab4KyR2U25oSs3Qo0/44b99AJe
8Dajhwp5uRa9JM0Ei7Wap/TIPFEExBhhLf25cIQOlFA1WxwhV+FNm6fDIHgs+Lyx
/YTNZY3DeLi7lu7wmzUeBrEC5wdjz21ZmetBAhJo+Qf+BFr9MCmEu2h7axZHz2qK
qcP71LTkD507+aFTXaR6XJAlMVJoLUsJqboBgov6Dbs+mFrmTMl2BxEaExhnV9FF
hCoI0l6Ffw1HG05/o81RHqfDj+t0fyr72DDE6fPIC9faP671NBVDaQTGiLj5odHW
MdO0WAUuBVT+befKHiqJ2LhK34z7iN+dDEY9C59+LTBh1mQe7Mw=
=k44q
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 295 files
Ubuntu 58 files
Debian 33 files
Gentoo 32 files
LiquidWorm 10 files
Apple 9 files
malvuln 6 files
Adam Gowdiak 4 files
nu11secur1ty 4 files
Ahmet Umit Bayram 4 files

File Archives

Systems

AIX (429)
Apple (2,087)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,042)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,499)
HPUX (880)
iOS (375)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,598)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,755)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,493)
UNIX (9,400)
UnixWare (187)
Windows (6,659)
Other

Debian Security Advisory 4958-1

Debian Security Advisory 4958-1

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 4958-1

Share This

Debian Security Advisory 4958-1

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems