Source: exiv2 Version: 0.28.0+dfsg-4 Severity: grave Tags: security upstream Justification: user security hole X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Hi, The following vulnerability was published for exiv2. CVE-2023-44398[0]: | Exiv2 is a C++ library and a command-line utility to read, write, | delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of- | bounds write was found in Exiv2 version v0.28.0. The vulnerable | function, `BmffImage::brotliUncompress`, is new in v0.28.0, so | earlier versions of Exiv2 are _not_ affected. The out-of-bounds | write is triggered when Exiv2 is used to read the metadata of a | crafted image file. An attacker could potentially exploit the | vulnerability to gain code execution, if they can trick the victim | into running Exiv2 on a crafted image file. This bug is fixed in | version v0.28.1. Users are advised to upgrade. There are no known | workarounds for this vulnerability. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2023-44398 https://www.cve.org/CVERecord?id=CVE-2023-44398 [1] https://github.com/Exiv2/exiv2/security/advisories/GHSA-hrw9-ggg3-3r4r Regards, Salvatore