+ +2.6.0 - 2022/02/13 + +[...] + - Changes in v2021.08 + - Security Fixes + [...] + - Changes in v2021.07 + - Security Fixes + [...] +2.5.1 - 2019/07/28 + +- Bug #9: [CVE-2018-12648] Fix null-pointer-dereference in WEBP. + https://gitlab.freedesktop.org/libopenraw/exempi/issues/9 +- Bug #12: Invalid WEBP cause a memory overflow. + https://gitlab.freedesktop.org/libopenraw/exempi/issues/12 +- Bug #13: Fix a buffer a overflow in ID3 support on invalid MP3. + https://gitlab.freedesktop.org/libopenraw/exempi/issues/13 +- Bug #14: Invalid MP3 cause a memory overflow. + https://gitlab.freedesktop.org/libopenraw/exempi/issues/14
Sorry, we covered CVE-2018-12648 in bug 659038, but not the others.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6f492d0793709293271563e8ee7453b0a096187f commit 6f492d0793709293271563e8ee7453b0a096187f Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2023-02-07 19:54:38 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2023-02-07 20:08:56 +0000 media-libs/exempi: Cleanup vulnerable 2.4.5-r1 Bug: https://bugs.gentoo.org/878757 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org> media-libs/exempi/Manifest | 1 - media-libs/exempi/exempi-2.4.5-r1.ebuild | 61 ---------------------- .../exempi/files/exempi-2.4.5-CVE-2018-12648.patch | 42 --------------- media-libs/exempi/files/exempi-2.4.5-gcc11.patch | 11 ---- 4 files changed, 115 deletions(-)