Summary: | <media-gfx/exif-0.6.22-r1: null pointer dereference (CVE-2021-27815) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | maintainer-needed |
Priority: | Normal | Keywords: | PullRequest |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/libexif/exif/issues/4 | ||
See Also: | https://github.com/gentoo/gentoo/pull/26271 | ||
Whiteboard: | B3 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 866239 | ||
Bug Blocks: |
Description
John Helmert III
2021-04-17 23:52:28 UTC
Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bd33507695886a6e0936f556cf6ec9de7595e7f9 commit bd33507695886a6e0936f556cf6ec9de7595e7f9 Author: Federico Denkena <federico.denkena@posteo.de> AuthorDate: 2022-07-07 20:36:01 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-07-08 22:14:34 +0000 media-gfx/exif: Security fix for CVE-2021-27815 This commit adds two patches from upstream and bumps the revision. Bug: https://bugs.gentoo.org/783522 Signed-off-by: Federico Denkena <federico.denkena@posteo.de> Signed-off-by: Sam James <sam@gentoo.org> media-gfx/exif/exif-0.6.22-r1.ebuild | 31 +++++++++++++++++ .../files/exif-0.6.22-empty-string-check.patch | 40 ++++++++++++++++++++++ 2 files changed, 71 insertions(+) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cccd68bec11001d70da69997730018e5151a7483 commit cccd68bec11001d70da69997730018e5151a7483 Author: John Helmert III <ajak@gentoo.org> AuthorDate: 2022-10-22 02:31:35 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-10-22 02:31:35 +0000 media-gfx/exif: drop 0.6.22 Bug: https://bugs.gentoo.org/783522 Signed-off-by: John Helmert III <ajak@gentoo.org> media-gfx/exif/exif-0.6.22.ebuild | 27 --------------------------- 1 file changed, 27 deletions(-) GLSA request filed The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=72cd35ddebf893b0640052a4f1534e697700fc8f commit 72cd35ddebf893b0640052a4f1534e697700fc8f Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-10-31 01:23:34 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-10-31 01:40:16 +0000 [ GLSA 202210-28 ] exif: Denial of Service Bug: https://bugs.gentoo.org/783522 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202210-28.xml | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) GLSA released, all done! |