MDVSA-2008:006
- Nom du paquet
- exiv2
- Date
- 2008-01-10
- Advisory ID
- MDVSA-2008:006
- Affected versions
- 2008.0 x86_64 , 2008.0 i586 , 2007.1 i586 , 2007.1 x86_64
Problem description
An integer overflow in the Exiv2 library allows context-dependent
attackers to execute arbitrary code via a crafted EXIF file that
triggers a heap-based buffer overflow.
The updated packages have been patched to correct these issues.
Updated packages
2008.0 x86_64
f9e4cc439fa9444972f7755a7c2cee0d 2008.0/x86_64/exiv2-0.15-2.1mdv2008.0.x86_64.rpm 00ce23b495092284b73d2ec29bbba4cf 2008.0/x86_64/lib64exiv2-0.15-2.1mdv2008.0.x86_64.rpm d716f5eaebd041364d409569980f1f8b 2008.0/x86_64/lib64exiv2-devel-0.15-2.1mdv2008.0.x86_64.rpm 78ea6a6e976bf2c6097bc0a122282434 2008.0/SRPMS/exiv2-0.15-2.1mdv2008.0.src.rpm
2008.0 i586
9b81584225e84a2a5bc08110bb404441 2008.0/i586/exiv2-0.15-2.1mdv2008.0.i586.rpm 014a0adbac5779e8178b77cd5e09a401 2008.0/i586/libexiv2-0.15-2.1mdv2008.0.i586.rpm acac434936c9d130e0209107e44b01eb 2008.0/i586/libexiv2-devel-0.15-2.1mdv2008.0.i586.rpm 78ea6a6e976bf2c6097bc0a122282434 2008.0/SRPMS/exiv2-0.15-2.1mdv2008.0.src.rpm
2007.1 i586
290bc944bde4ad24657c9ee13d4534fa 2007.1/i586/exiv2-0.13-1.1mdv2007.1.i586.rpm 7614143070ac823195d7336a9655e76d 2007.1/i586/libexiv2-0.13-1.1mdv2007.1.i586.rpm 74450450b9a598a3544e46d2bb4242a9 2007.1/i586/libexiv2-devel-0.13-1.1mdv2007.1.i586.rpm e212cd2efcb56fbe00e892ebfec25d29 2007.1/SRPMS/exiv2-0.13-1.1mdv2007.1.src.rpm
2007.1 x86_64
e2eb212bb7bd0a427345ac369cb0c3e4 2007.1/x86_64/exiv2-0.13-1.1mdv2007.1.x86_64.rpm 3c88001c423399c87112be1f90512131 2007.1/x86_64/lib64exiv2-0.13-1.1mdv2007.1.x86_64.rpm 0eed3499a9da4580f93b03e45d793ff1 2007.1/x86_64/lib64exiv2-devel-0.13-1.1mdv2007.1.x86_64.rpm e212cd2efcb56fbe00e892ebfec25d29 2007.1/SRPMS/exiv2-0.13-1.1mdv2007.1.src.rpm