/[ports]
ViewVC logotype

Revision 526071

Jump to revision: Previous Next
Author: dbaio
Date: Thu Feb 13 22:59:12 2020 UTC (4 years, 4 months ago)
Changed paths: 5
Log Message: 
graphics/libexif: Fix security vulnerabilities

 - Fix CVE-2019-9278

  In libexif, there is a possible out of bounds write due to an integer
  overflow. This could lead to remote escalation of privilege in the media
  content provider with no additional execution privileges needed. User
  interaction is needed for exploitation.

 - Fix a buffer read overflow in exif_entry_get_value

 - Fix a buffer overread in exif_mnote_data_olympus_load

PR:		244060
Reported by:	tj@mrsk.me (email)
Approved by:	former maintainer
MFH:		2020Q1
Security:	00f30cba-4d23-11ea-86ba-641c67a117d8

Changed paths

Path Details
Directoryhead/graphics/libexif/Makefile modified , text changed
Directoryhead/graphics/libexif/files/ added
Directoryhead/graphics/libexif/files/patch-CVE-2019-9278 added
Directoryhead/graphics/libexif/files/patch-chromium-7344-and-14543 added
Directoryhead/graphics/libexif/files/patch-chromium-8884 added
  ViewVC Help
Powered by ViewVC 1.1.27