Tags: security upstream
the following vulnerability was published for exiv2.
| There is a heap-based buffer over-read in the
| Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunk_int.cpp in
| Exiv2 0.26. A crafted PNG file will lead to a remote denial of service
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
pkg-kde-extras mailing list