Bug#876242: exiv2: CVE-2017-12957

2017-12-30 Thread Simon Frei
This has been fixed and also backported to 0.26 upstream: https://github.com/Exiv2/exiv2/issues/60

forwarded 876242 https://github.com/Exiv2/exiv2/issues/60
tags fixed-upstream
thanks

Bug#876242: exiv2: CVE-2017-12957

2017-09-19 Thread Salvatore Bonaccorso
Source: exiv2
Version: 0.26-1
Severity: grave
Tags: upstream security
Justification: user security hole

Hi,

the following vulnerability was published for exiv2.

CVE-2017-12957[0]:
| There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that
| is triggered in the Exiv2::Image::io funct