Package: exiv2
Severity: grave
Tags: security, patch
Justification: user security hole

the following CVE (Common Vulnerabilities & Exposures) id was
published for exiv2.

Exiv2 0.16 allows user-assisted remote attackers to cause a denial of
service (divide-by-zero and application crash) via a zero value in Nikon
lens information in the metadata of an image, related to "pretty
printing" and the RationalValue::toLong function. 

See upstream patch at:

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:


pkg-kde-extras mailing list

Reply via email to