Ubuntu
exiv2 package

Overview
Code
Bugs
Blueprints
Translations
Answers

Bug #1941752
Comment #12

Comment 12 for bug 1941752

Revision history for this message

In KDE Bug Tracking System #441121, Jan Rathmann (kaiserclaudius) wrote on 2021-08-29:

#12

I have tracked this down to the following change in CVE-2021-37620-3.patch (Ubuntu src package exiv2-0.27.3-3ubuntu1.5):

===================================================================
--- exiv2-0.27.3.orig/src/tags_int.cpp
+++ exiv2-0.27.3/src/tags_int.cpp
@@ -2865,7 +2865,7 @@ namespace Exiv2 {
}

         std::string stringValue = value.toString();
- if (stringValue[19] == 'Z') {
+ if (stringValue.at(19) == 'Z') {
             stringValue = stringValue.substr(0, 19);
         }
         for (size_t i = 0; i < stringValue.length(); ++i) {

Ubuntuexiv2 package

Comment 12 for bug 1941752

Ubuntu
exiv2 package