This bug was fixed in the package exiv2 - 0.27.3-3ubuntu1.1
--------------- exiv2 (0.27.3-3ubuntu1.1) hirsute-security; urgency=medium
* SECURITY UPDATE: Heap buffer overflow - debian/patches/CVE-2021-3482-*.patch: fix buffer overflow in src/jp2image.cpp and adds tests test/data/poc_1522.jp2, tests/bugfixes/github/test_issue_1522.py. - debian/source/include-binaries: add poc_1522.jp2 entry. - CVE-2021-3482 * SECURITY UPDATE: An out of buffer access - debian/patches/CVE-2021-29457.patch: fix in src/jp2image.cpp (LP: #1923479) - CVE-2021-29457 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2021-29458.patch: fix in src/crwimage_int.cpp (LP: #1923479) - CVE-2021-29458 * SECURITY UPDATE: Out-of-bounds - debian/patches/CVE-2021-29470-*.patch: Add more bound checks in Jp2Image::encodeJp2Header and add some tests from/for github. - CVE-2021-29470
-- Leonidas Da Silva Barbosa <email address hidden> Mon, 12 Apr 2021 14:47:29 -0300
This bug was fixed in the package exiv2 - 0.27.3-3ubuntu1.1
---------------
exiv2 (0.27.3-3ubuntu1.1) hirsute-security; urgency=medium
* SECURITY UPDATE: Heap buffer overflow patches/ CVE-2021- 3482-*. patch: fix buffer overflow poc_1522. jp2, bugfixes/ github/ test_issue_ 1522.py. source/ include- binaries: add poc_1522.jp2 entry. patches/ CVE-2021- 29457.patch: fix in src/jp2image.cpp patches/ CVE-2021- 29458.patch: fix in src/crwimage_ int.cpp patches/ CVE-2021- 29470-* .patch: Add more bound checks in :encodeJp2Heade r and add some tests from/for github.
- debian/
in src/jp2image.cpp and adds tests test/data/
tests/
- debian/
- CVE-2021-3482
* SECURITY UPDATE: An out of buffer access
- debian/
(LP: #1923479)
- CVE-2021-29457
* SECURITY UPDATE: Integer overflow
- debian/
(LP: #1923479)
- CVE-2021-29458
* SECURITY UPDATE: Out-of-bounds
- debian/
Jp2Image:
- CVE-2021-29470
-- Leonidas Da Silva Barbosa <email address hidden> Mon, 12 Apr 2021 14:47:29 -0300