Exiv2: Multiple vulnerabilities
Multiple vulnerabilities have been found in Exiv2, the worst of
which could result in a Denial of Service condition.
exiv2
2018-11-24
2018-11-24
647810
647812
647816
652822
655842
655958
658236
remote
0.26_p20180811-r3
0.26_p20180811-r3
Exiv2 is a C++ library and a command line utility to manage image
metadata.
Multiple vulnerabilities have been discovered in Exiv2. Please review
the CVE identifiers referenced below for details.
A remote attacker could cause a Denial of Service condition or obtain
sensitive information via a specially crafted file.
There is no known workaround at this time.
All Exiv2 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose
">=media-gfx/exiv2-0.26_p20180811-r3"
CVE-2017-17723
CVE-2017-17724
CVE-2018-10780
CVE-2018-10958
CVE-2018-10998
CVE-2018-10999
CVE-2018-11037
CVE-2018-11531
CVE-2018-12264
CVE-2018-12265
CVE-2018-5772
CVE-2018-8976
CVE-2018-8977
CVE-2018-9144
CVE-2018-9145
CVE-2018-9146
CVE-2018-9303
CVE-2018-9304
CVE-2018-9305
CVE-2018-9306
BlueKnight
b-man