aboutsummaryrefslogtreecommitdiffstats
path: root/contrib
diff options
context:
space:
mode:
authorwangmy <wangmy@fujitsu.com>2021-05-18 16:03:31 +0800
committerArmin Kuster <akuster808@gmail.com>2021-05-22 15:34:46 -0700
commitd3f0f8957f7ab59375f25d504fa233d71b1871c6 (patch)
treed21d5db5fe63e583b6accc0d1227578b662c9407 /contrib
parent0e8fcf0e774e17ea72785d5d95356bc6ee9133ee (diff)
downloadmeta-openembedded-d3f0f8957f7ab59375f25d504fa233d71b1871c6.tar.gz
meta-openembedded-d3f0f8957f7ab59375f25d504fa233d71b1871c6.tar.bz2
meta-openembedded-d3f0f8957f7ab59375f25d504fa233d71b1871c6.zip
exiv2: Fix CVE-2021-3482
References https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3482 Improper input validation of the rawData.size property in Jp2Image::readMetadata() in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data. Upstream-Status: Accepted [https://github.com/Exiv2/exiv2/pull/1523/commits/22ea582c6b74ada30bec3a6b15de3c3e52f2b4da] CVE: CVE-2021-3482 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 9e7c2c9713dc2824af2a33b0a3feb4f29e7f0269) Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'contrib')
0 files changed, 0 insertions, 0 deletions