[Touch-packages] [Bug 1923479] Re: out of buffer access and Integer overflow in Exiv2
This bug was fixed in the package exiv2 - 0.27.2-8ubuntu2.2 --- exiv2 (0.27.2-8ubuntu2.2) focal-security; urgency=medium * SECURITY UPDATE: Heap buffer overflow - debian/patches/CVE-2021-3482-*.patch: fix buffer overflow in src/jp2image.cpp and adds tests test/data/poc_1522.jp2, tests/bugfixes/github/test_issue_1522.py. - debian/source/include-binaries: add poc_1522.jp2 entry. - CVE-2021-3482 * SECURITY UPDATE: An out of buffer access - debian/patches/CVE-2021-29457.patch: fix in src/jp2image.cpp (LP: #1923479) - CVE-2021-29457 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2021-29458.patch: fix in src/crwimage_int.cpp (LP: #1923479) - CVE-2021-29458 * SECURITY UPDATE: Out-of-bounds - debian/patches/CVE-2021-29470-*.patch: Add more bound checks in Jp2Image::encodeJp2Header and add some tests from/for github. - CVE-2021-29470 -- Leonidas Da Silva Barbosa Tue, 13 Apr 2021 09:49:39 -0300 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to exiv2 in Ubuntu. https://bugs.launchpad.net/bugs/1923479 Title: out of buffer access and Integer overflow in Exiv2 Status in exiv2 package in Ubuntu: Fix Released Bug description: An out of buffer access: https://github.com/Exiv2/exiv2/commit/13e5a3e02339b746abcaee6408893ca2fd8e289d and a Integer overflow : https://github.com/Exiv2/exiv2/commit/9b7a19f957af53304655ed1efe32253a1b11a8d0 affects Exiv2 in ubuntu releases To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/exiv2/+bug/1923479/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1923479] Re: out of buffer access and Integer overflow in Exiv2
This bug was fixed in the package exiv2 - 0.27.3-3ubuntu1.1 --- exiv2 (0.27.3-3ubuntu1.1) hirsute-security; urgency=medium * SECURITY UPDATE: Heap buffer overflow - debian/patches/CVE-2021-3482-*.patch: fix buffer overflow in src/jp2image.cpp and adds tests test/data/poc_1522.jp2, tests/bugfixes/github/test_issue_1522.py. - debian/source/include-binaries: add poc_1522.jp2 entry. - CVE-2021-3482 * SECURITY UPDATE: An out of buffer access - debian/patches/CVE-2021-29457.patch: fix in src/jp2image.cpp (LP: #1923479) - CVE-2021-29457 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2021-29458.patch: fix in src/crwimage_int.cpp (LP: #1923479) - CVE-2021-29458 * SECURITY UPDATE: Out-of-bounds - debian/patches/CVE-2021-29470-*.patch: Add more bound checks in Jp2Image::encodeJp2Header and add some tests from/for github. - CVE-2021-29470 -- Leonidas Da Silva Barbosa Mon, 12 Apr 2021 14:47:29 -0300 ** Changed in: exiv2 (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to exiv2 in Ubuntu. https://bugs.launchpad.net/bugs/1923479 Title: out of buffer access and Integer overflow in Exiv2 Status in exiv2 package in Ubuntu: Fix Released Bug description: An out of buffer access: https://github.com/Exiv2/exiv2/commit/13e5a3e02339b746abcaee6408893ca2fd8e289d and a Integer overflow : https://github.com/Exiv2/exiv2/commit/9b7a19f957af53304655ed1efe32253a1b11a8d0 affects Exiv2 in ubuntu releases To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/exiv2/+bug/1923479/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1923479] Re: out of buffer access and Integer overflow in Exiv2
This bug was fixed in the package exiv2 - 0.27.3-3ubuntu0.2 --- exiv2 (0.27.3-3ubuntu0.2) groovy-security; urgency=medium * SECURITY UPDATE: Heap buffer overflow - debian/patches/CVE-2021-3482-*.patch: fix buffer overflow in src/jp2image.cpp and adds tests test/data/poc_1522.jp2, tests/bugfixes/github/test_issue_1522.py. - debian/source/include-binaries: add poc_1522.jp2 entry. - CVE-2021-3482 * SECURITY UPDATE: An out of buffer access - debian/patches/CVE-2021-29457.patch: fix in src/jp2image.cpp (LP: #1923479) - CVE-2021-29457 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2021-29458.patch: fix in src/crwimage_int.cpp (LP: #1923479) - CVE-2021-29458 * SECURITY UPDATE: Out-of-bounds - debian/patches/CVE-2021-29470-*.patch: Add more bound checks in Jp2Image::encodeJp2Header and add some tests from/for github. - CVE-2021-29470 -- Leonidas Da Silva Barbosa Mon, 12 Apr 2021 15:25:12 -0300 ** Changed in: exiv2 (Ubuntu) Status: In Progress => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-29470 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3482 ** Changed in: exiv2 (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to exiv2 in Ubuntu. https://bugs.launchpad.net/bugs/1923479 Title: out of buffer access and Integer overflow in Exiv2 Status in exiv2 package in Ubuntu: Fix Released Bug description: An out of buffer access: https://github.com/Exiv2/exiv2/commit/13e5a3e02339b746abcaee6408893ca2fd8e289d and a Integer overflow : https://github.com/Exiv2/exiv2/commit/9b7a19f957af53304655ed1efe32253a1b11a8d0 affects Exiv2 in ubuntu releases To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/exiv2/+bug/1923479/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1923479] Re: out of buffer access and Integer overflow in Exiv2
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-29458 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to exiv2 in Ubuntu. https://bugs.launchpad.net/bugs/1923479 Title: out of buffer access and Integer overflow in Exiv2 Status in exiv2 package in Ubuntu: In Progress Bug description: An out of buffer access: https://github.com/Exiv2/exiv2/commit/13e5a3e02339b746abcaee6408893ca2fd8e289d and a Integer overflow : https://github.com/Exiv2/exiv2/commit/9b7a19f957af53304655ed1efe32253a1b11a8d0 affects Exiv2 in ubuntu releases To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/exiv2/+bug/1923479/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1923479] Re: out of buffer access and Integer overflow in Exiv2
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-29457 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to exiv2 in Ubuntu. https://bugs.launchpad.net/bugs/1923479 Title: out of buffer access and Integer overflow in Exiv2 Status in exiv2 package in Ubuntu: In Progress Bug description: An out of buffer access: https://github.com/Exiv2/exiv2/commit/13e5a3e02339b746abcaee6408893ca2fd8e289d and a Integer overflow : https://github.com/Exiv2/exiv2/commit/9b7a19f957af53304655ed1efe32253a1b11a8d0 affects Exiv2 in ubuntu releases To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/exiv2/+bug/1923479/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1923479] Re: out of buffer access and Integer overflow in Exiv2
A security update will be issue in next days to fix it on Ubuntu releases. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to exiv2 in Ubuntu. https://bugs.launchpad.net/bugs/1923479 Title: out of buffer access and Integer overflow in Exiv2 Status in exiv2 package in Ubuntu: In Progress Bug description: An out of buffer access: https://github.com/Exiv2/exiv2/commit/13e5a3e02339b746abcaee6408893ca2fd8e289d and a Integer overflow : https://github.com/Exiv2/exiv2/commit/9b7a19f957af53304655ed1efe32253a1b11a8d0 affects Exiv2 in ubuntu releases To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/exiv2/+bug/1923479/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1923479] Re: out of buffer access and Integer overflow in Exiv2
issued* -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to exiv2 in Ubuntu. https://bugs.launchpad.net/bugs/1923479 Title: out of buffer access and Integer overflow in Exiv2 Status in exiv2 package in Ubuntu: In Progress Bug description: An out of buffer access: https://github.com/Exiv2/exiv2/commit/13e5a3e02339b746abcaee6408893ca2fd8e289d and a Integer overflow : https://github.com/Exiv2/exiv2/commit/9b7a19f957af53304655ed1efe32253a1b11a8d0 affects Exiv2 in ubuntu releases To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/exiv2/+bug/1923479/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1923479] Re: out of buffer access and Integer overflow in Exiv2
There are no CVEs for this issues so far. ** Changed in: exiv2 (Ubuntu) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to exiv2 in Ubuntu. https://bugs.launchpad.net/bugs/1923479 Title: out of buffer access and Integer overflow in Exiv2 Status in exiv2 package in Ubuntu: In Progress Bug description: An out of buffer access: https://github.com/Exiv2/exiv2/commit/13e5a3e02339b746abcaee6408893ca2fd8e289d and a Integer overflow : https://github.com/Exiv2/exiv2/commit/9b7a19f957af53304655ed1efe32253a1b11a8d0 affects Exiv2 in ubuntu releases To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/exiv2/+bug/1923479/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
