1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4910-1] libimage-exiftool-perl security update

    From Salvatore Bonaccorso@21:1/5 to All on Sun May 2 17:50:03 2021
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4910-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso
    May 02, 2021 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : libimage-exiftool-perl
    CVE ID : CVE-2021-22204
    Debian Bug : 987505

    A vulnerability was discovered in libimage-exiftool-perl, a library and
    program to read and write meta information in multimedia files, which
    may result in execution of arbitrary code if a malformed DjVu file is processed.

    For the stable distribution (buster), this problem has been fixed in
    version 11.16-1+deb10u1.

    We recommend that you upgrade your libimage-exiftool-perl packages.

    For the detailed security status of libimage-exiftool-perl please refer
    to its security tracker page at: https://security-tracker.debian.org/tracker/libimage-exiftool-perl

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmCOyWRfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0QSRhAAlITZKY+WtOmQR5elCvjXIOcycvrwGKm8ptxJM2E0Pus4+lggJmhwW9Hs ovTZdNOB+Ko8hEo4uJ6sjijQsSBgxcWQZBmcGZg9tve16tXpg6s85H66PGVQ2fY3 3NT639j4VgJdw8qpGQNJYm1WqXZYydMFwxgxyn++fEJ+ZZxCQYVFkhPsWaIsBenV drN8HKYhpN0tnTFMudlQV2DZgNz6HWw/CcQAIPzzhfe0W3WaFDSaVv+Hj4UxQmmE /uOx1Q15nnh5pEiFSit03Ar4aLCJ5HinheW93P/i5kLtFk+Z00Kg43oMizgvUuZQ BDu2hsFLFtjJTfdO34UP5V/En2BAavicbjjzl2WnMLx6gFigIz9rjlAswDSQswx4 naLkOwaAllAse4FzHC9ShC4/Rwh9gY1LflAHg0qBZEugR+oEZUoLqqJMQKGODdec q7mWUMrndue+zEWy8+4WlvJr/LQbkecTO0/hH/+PPtZvfTyHGrr6LgGnfxXPJ2s1 k0X+L92dJXnpOnLgCxvWdONdPU7yc6W5QgVqOmOB+N7Pm8koi8G9lDUSO2YuIDvz hFUTBeOSzBrov/BLZQSYfkaVNxy8dR9Lr7q0JDLnSgrX8KejpHbYPyUhH/U/K338 4QLBiZ5Acl4lNaQG0F4TGJRtDlgWesNcoUCstT5VoRnE7EVEOmQ=
    =YBu5
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)