HomeFreeBSD

graphics/libexif: Fix security vulnerabilities

Description

graphics/libexif: Fix security vulnerabilities

  • Fix CVE-2019-9278

    In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitation.
  • Fix a buffer read overflow in exif_entry_get_value
  • Fix a buffer overread in exif_mnote_data_olympus_load

PR: 244060
Reported by: tj@mrsk.me (email)
Approved by: former maintainer
MFH: 2020Q1
Security: 00f30cba-4d23-11ea-86ba-641c67a117d8

Details

Provenance
dbaioAuthored on
Parents
rP526070: Update to 1.7.0
Branches
Unknown
Tags
Unknown