UbuntuUpdates.org

Package "libimage-exiftool-perl"

Name: libimage-exiftool-perl

Description:

library and program to read and write meta information in multimedia files

Latest version: 11.88-1ubuntu0.1
Release: focal (20.04)
Level: updates
Repository: universe
Homepage: https://exiftool.org/

Links


Download "libimage-exiftool-perl"


Other versions of "libimage-exiftool-perl" in Focal

Repository Area Version
base universe 11.88-1
security universe 11.88-1ubuntu0.1

Changelog

Version: 11.88-1ubuntu0.1 2021-06-10 21:06:30 UTC

  libimage-exiftool-perl (11.88-1ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Arbitrary code execution
    - debian/patches/CVE-2021-22204.patch: Improper neutralization of user
      data in the DjVu file format in ExifTool versions 7.44 and up allows
      arbitrary code execution when parsing the malicious image. (LP: #1925985)
      Thanks to William Bowling for the bug report on Launchpad.
      Thanks to Gregor Herrmann for backporting the patch.
      From debian release 12.16+dfsg-2.
    - CVE-2021-22204

 -- hugo buddelmeijer <email address hidden> Wed, 09 Jun 2021 20:39:41 +0200

1925985 CVE-2021-22204
CVE-2021-22204 Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malici



About   -   Send Feedback to @ubuntu_updates