[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 2019-1] exiv2 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : exiv2
Version        : 0.24-4.1+deb8u5
CVE ID         : CVE-2019-17402


A corrupted or specially crafted CRW images might exceed the overall
buffersize to cause a denial of service.

For Debian 8 "Jessie", this problem has been fixed in version
0.24-4.1+deb8u5.

We recommend that you upgrade your exiv2 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEmjwHvQbeL0FugTpdYS7xYT4FD1QFAl3lmE8ACgkQYS7xYT4F
D1S3Kw//fo8jOpZ8lR8sS/qbuam+28MunJVxUcaUdCyEMDjvtV/5S+grEvKPEJRd
E5Sc0cPOJ+mF/KOP9rlXgvIzSDhOTbzoAvbj4VE1KwW8jd+OO0S7y+DdEh0YoXDf
19MQU/oyoGdz80Ag/MCvPp8Mb74fnNAqNWZ92E2psFWTU+x3X2r+giLfsCWGRN3Z
kVQGJc5J6fzVxZxUqAfiZFew+sAmEkblCefFenvIr6zvd5sNoaGAxr0hyJNGBASd
hU2hH3Ot97vr9n0oiQEDaYNFqF+LgDIVFTSLNiMp4kMx3ar3q8OYRYAdOfArF8+A
U/pOypQZ9T3a2oKes9hn6FfJHzkNuUFSpLkIRWmPjJlNWtmptG1ndxMC1UVSY31z
jKUMiuzVIBJR+WnRykoGbnnbr0feu8DUnqr1fEGLTQgdHG/Ku45fsz/bA9iqi8vi
+1+1LbIL3L9xsAd/pI2t5DF85p4iK8W2hBToQkblYTKAkbWCmNbeI5bVxo8wJTc+
zbsz+WqoDmBbfj3jkzpbDEfgoqhBciyFim9GqwY3kRm/Kf/3jcnGLe+vFc0CMdjS
GU+duhFtEPGLgQUOICJSWMIc6DQ8FUvS8tCTIPazbzzfpFFP/D+nUf8nx0CjXLBP
ymVc2dIYN9XaI8MA60T6I5Gh3FvysVdKrcs6w7YThfcoyP/oj4s=
=kXMF
-----END PGP SIGNATURE-----


Reply to: