(RHSA-2020:4030) Low: exiv2 security update

2020-09-29T11:52:54
ID RHSA-2020:4030
Type redhat
Reporter RedHat
Modified 2020-09-29T13:42:36

Description

The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments.

Security Fix(es):

  • exiv2: out-of-bounds read in CiffDirectory::readDirectory due to lack of size check (CVE-2019-17402)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.