exiv2 security update

🗓️ 18 Sep 2019 20:54:21Reported by CentOS ProjectType

centos

centos🔗 lists.centos.org👁 113 Views

Security update for exiv2 packag

Reporter	Title	Published	Views	Family All 573
ATTACKERKB	CVE-2018-9146	21 Feb 202603:47	–	attackerkb
ATTACKERKB	CVE-2018-19535	26 Nov 201802:29	–	attackerkb
ATTACKERKB	CVE-2018-8976	25 Mar 201803:29	–	attackerkb
ATTACKERKB	CVE-2018-8977	25 Mar 201803:29	–	attackerkb
Tenable Nessus	Amazon Linux 2 : exiv2 (ALAS-2019-1339)	25 Oct 201900:00	–	nessus
Tenable Nessus	AlmaLinux 8 : exiv2 (ALSA-2020:1577)	9 Feb 202200:00	–	nessus
Tenable Nessus	CentOS 8 : exiv2 (CESA-2020:1577)	1 Feb 202100:00	–	nessus
Tenable Nessus	CentOS 7 : exiv2 (CESA-2019:2101)	19 Sep 201900:00	–	nessus
Tenable Nessus	Debian DLA-1402-1 : exiv2 security update	28 Jun 201800:00	–	nessus
Tenable Nessus	Debian DLA-1551-1 : exiv2 security update	22 Oct 201800:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
CentOS	7	x86_64	exiv2	0.27.0-2.el7_6	exiv2-0.27.0-2.el7_6.x86_64.rpm
CentOS	7	i686	exiv2-devel	0.27.0-2.el7_6	exiv2-devel-0.27.0-2.el7_6.i686.rpm
CentOS	7	x86_64	exiv2-devel	0.27.0-2.el7_6	exiv2-devel-0.27.0-2.el7_6.x86_64.rpm
CentOS	7	noarch	exiv2-doc	0.27.0-2.el7_6	exiv2-doc-0.27.0-2.el7_6.noarch.rpm
CentOS	7	i686	exiv2-libs	0.27.0-2.el7_6	exiv2-libs-0.27.0-2.el7_6.i686.rpm
CentOS	7	x86_64	exiv2-libs	0.27.0-2.el7_6	exiv2-libs-0.27.0-2.el7_6.x86_64.rpm

Source	Link
twitter	www.twitter.com/centos
steadfast	www.steadfast.net/
linkedin	www.linkedin.com/groups/22405
access	www.access.redhat.com/errata/RHSA-2019:2101
youtube	www.youtube.com/TheCentOSProject
facebook	www.facebook.com/groups/centosproject/
reddit	www.reddit.com/r/CentOS/

18 Sep 2019 20:54Current

6.7Medium risk

Vulners AI Score6.7

CVSS 26.8

CVSS 38.8

CVSS 3.16.5

EPSS0.02356

centos security advisory exiv2 image metadata cve heap buffer overflow out of bounds read invalid memory access information leak integer overflow buffer over-read sigabrt denial of service red hat enterprise linux