Package "jhead"

Name:	jhead
Description:	manipulate the non-image part of Exif compliant JPEG files
Latest version:	1:3.06.0.1-2ubuntu0.22.04.1
Release:	jammy (22.04)
Level:	updates
Repository:	universe
Homepage:	https://www.sentex.net/~mwandel/jhead/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "jhead"

32-bit deb package

64-bit deb package

APT INSTALL

Other versions of "jhead" in Jammy

Repository	Area	Version
base	universe	1:3.06.0.1-2
security	universe	1:3.06.0.1-2ubuntu0.22.04.1

Changelog

Version: 1:3.06.0.1-2ubuntu0.22.04.1 2023-05-25 09:07:08 UTC

jhead (1:3.06.0.1-2ubuntu0.22.04.1) jammy-security; urgency=medium * SECURITY UPDATE: heap buffer overflow while rotating an image - debian/patches/CVE-2021-34055.patch: If a read EXIF section in jpgfile.c, then discard it. - CVE-2021-34055 * SECURITY UPDATE: code execution when regenerating the Exif thumbnail - debian/patches/CVE-2022-41751.patch: Adds a check in jhead.c for dangerous characters in filenames. - CVE-2022-41751 -- George-Andrei Iosif <email address hidden> Wed, 24 May 2023 14:13:36 +0300

CVE-2021-34055	jhead 3.06 is vulnerable to Buffer Overflow via exif.c in function Put16u.
CVE-2022-41751	Jhead 3.06.0.1 allows attackers to execute arbitrary OS commands by placing them in a JPEG filename and then using the regeneration -rgt50 option.

About - Send Feedback to @ubuntu_updates

Package "jhead"

Links

Download "jhead"

Other versions of "jhead" in Jammy

Changelog

Share this page

Bookmarks

Latest updates

proposed

updates

PPA updates