Packages
- exiv2 - EXIF/IPTC/XMP metadata manipulation tool
Details
USN-5043-1 fixed vulnerabilities in Exiv2. The update introduced a new regression
that could cause a crash in applications using libexiv2. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that Exiv2 incorrectly handled certain image files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2021-37620)
USN-5043-1 fixed vulnerabilities in Exiv2. The update introduced a new regression
that could cause a crash in applications using libexiv2. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that Exiv2 incorrectly handled certain image files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2021-37620)
Update instructions
In general, a standard system update will make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
Ubuntu Release | Package Version | ||
---|---|---|---|
21.10 impish | exiv2 – 0.27.3-3ubuntu4.1 | ||
libexiv2-27 – 0.27.3-3ubuntu4.1 | |||
21.04 hirsute | exiv2 – 0.27.3-3ubuntu1.6 | ||
libexiv2-27 – 0.27.3-3ubuntu1.6 | |||
20.04 focal | exiv2 – 0.27.2-8ubuntu2.7 | ||
libexiv2-27 – 0.27.2-8ubuntu2.7 |
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.