diff options
author | wangmy <wangmy@fujitsu.com> | 2021-05-18 16:03:31 +0800 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2021-05-22 15:34:46 -0700 |
commit | d3f0f8957f7ab59375f25d504fa233d71b1871c6 (patch) | |
tree | d21d5db5fe63e583b6accc0d1227578b662c9407 /meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29464.patch | |
parent | 0e8fcf0e774e17ea72785d5d95356bc6ee9133ee (diff) | |
download | meta-openembedded-d3f0f8957f7ab59375f25d504fa233d71b1871c6.tar.gz |
exiv2: Fix CVE-2021-3482
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3482
Improper input validation of the rawData.size property in Jp2Image::readMetadata() in jp2image.cpp
can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data.
Upstream-Status: Accepted [https://github.com/Exiv2/exiv2/pull/1523/commits/22ea582c6b74ada30bec3a6b15de3c3e52f2b4da]
CVE: CVE-2021-3482
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9e7c2c9713dc2824af2a33b0a3feb4f29e7f0269)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29464.patch')
0 files changed, 0 insertions, 0 deletions