out of buffer access and Integer overflow in Exiv2

Bug #1923479 reported by Leonidas S. Barbosa
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
exiv2 (Ubuntu)
Undecided
Leonidas S. Barbosa
Revision history for this message
Leonidas S. Barbosa (leosilvab) wrote :

There are no CVEs for this issues so far.

Changed in exiv2 (Ubuntu):
assignee: nobody → Leonidas S. Barbosa (leosilvab)
status: New → In Progress
Revision history for this message
Leonidas S. Barbosa (leosilvab) wrote :

A security update will be issue in next days to fix it on Ubuntu releases.

Revision history for this message
Leonidas S. Barbosa (leosilvab) wrote :

issued*

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package exiv2 - 0.27.3-3ubuntu1.1

---------------
exiv2 (0.27.3-3ubuntu1.1) hirsute-security; urgency=medium

  * SECURITY UPDATE: Heap buffer overflow
    - debian/patches/CVE-2021-3482-*.patch: fix buffer overflow
      in src/jp2image.cpp and adds tests test/data/poc_1522.jp2,
      tests/bugfixes/github/test_issue_1522.py.
    - debian/source/include-binaries: add poc_1522.jp2 entry.
    - CVE-2021-3482
  * SECURITY UPDATE: An out of buffer access
    - debian/patches/CVE-2021-29457.patch: fix in src/jp2image.cpp
      (LP: #1923479)
    - CVE-2021-29457
  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2021-29458.patch: fix in src/crwimage_int.cpp
      (LP: #1923479)
    - CVE-2021-29458
  * SECURITY UPDATE: Out-of-bounds
    - debian/patches/CVE-2021-29470-*.patch: Add more bound checks in
      Jp2Image::encodeJp2Header and add some tests from/for github.
    - CVE-2021-29470

 -- Leonidas Da Silva Barbosa <email address hidden> Mon, 12 Apr 2021 14:47:29 -0300

Changed in exiv2 (Ubuntu):
status: In Progress → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package exiv2 - 0.27.3-3ubuntu0.2

---------------
exiv2 (0.27.3-3ubuntu0.2) groovy-security; urgency=medium

  * SECURITY UPDATE: Heap buffer overflow
    - debian/patches/CVE-2021-3482-*.patch: fix buffer overflow
      in src/jp2image.cpp and adds tests test/data/poc_1522.jp2,
      tests/bugfixes/github/test_issue_1522.py.
    - debian/source/include-binaries: add poc_1522.jp2 entry.
    - CVE-2021-3482
  * SECURITY UPDATE: An out of buffer access
    - debian/patches/CVE-2021-29457.patch: fix in src/jp2image.cpp
      (LP: #1923479)
    - CVE-2021-29457
  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2021-29458.patch: fix in src/crwimage_int.cpp
      (LP: #1923479)
    - CVE-2021-29458
  * SECURITY UPDATE: Out-of-bounds
    - debian/patches/CVE-2021-29470-*.patch: Add more bound checks in
      Jp2Image::encodeJp2Header and add some tests from/for github.
    - CVE-2021-29470

 -- Leonidas Da Silva Barbosa <email address hidden> Mon, 12 Apr 2021 15:25:12 -0300

Changed in exiv2 (Ubuntu):
status: In Progress → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package exiv2 - 0.27.2-8ubuntu2.2

---------------
exiv2 (0.27.2-8ubuntu2.2) focal-security; urgency=medium

  * SECURITY UPDATE: Heap buffer overflow
    - debian/patches/CVE-2021-3482-*.patch: fix buffer overflow
      in src/jp2image.cpp and adds tests test/data/poc_1522.jp2,
      tests/bugfixes/github/test_issue_1522.py.
    - debian/source/include-binaries: add poc_1522.jp2 entry.
    - CVE-2021-3482
  * SECURITY UPDATE: An out of buffer access
    - debian/patches/CVE-2021-29457.patch: fix in src/jp2image.cpp
      (LP: #1923479)
    - CVE-2021-29457
  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2021-29458.patch: fix in src/crwimage_int.cpp
      (LP: #1923479)
    - CVE-2021-29458
  * SECURITY UPDATE: Out-of-bounds
    - debian/patches/CVE-2021-29470-*.patch: Add more bound checks in
      Jp2Image::encodeJp2Header and add some tests from/for github.
    - CVE-2021-29470

 -- Leonidas Da Silva Barbosa <email address hidden> Tue, 13 Apr 2021 09:49:39 -0300

Changed in exiv2 (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers