ELSA-2020-1577

ELSA-2020-1577 - exiv2 security, bug fix, and enhancement update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2020-05-05

Description

exiv2
[0.27.2-5]
- Fix failing test
Resolves: bz#1800472

[0.27.2-4]
- Drop test for the previous CVE as we test it manually and we dont have POC available
Resolves: bz#1800472

[0.27.2-3]
- Fix infinite loop and hang in Jp2Image::readMetadata()
Resolves: bz#1800472

[0.27.2-2]
Rebuild
Resolves: bz#1651917

[0.27.2-1]
- Update to 0.27.2
Resolves: bz#1651917

gegl
[0.2.0-39]
- Build without exiv2
Resolves: bz#1767748

gnome-color-manager
[3.28.0-3]
- Rebuild again to correctly trigger side-tag gating (exiv2)
Resolves: bz#1757445

[3.28.0-2]
- Rebuild (exiv2)
Resolves: bz#1757445

libgexiv2
[0.10.8-4]
- Rebuild again to correctly trigger side-tag gating (exiv2)
Resolves: bz#1757444

[0.10.8-3]
- Rebuild (exiv2)
Resolves: bz#1757444

Related CVEs

CVE-2018-9305

CVE-2018-10772

CVE-2018-17581

CVE-2018-19107

CVE-2018-20099

CVE-2018-11037

CVE-2018-17282

CVE-2018-18915

CVE-2018-19108

CVE-2018-19535

CVE-2018-19607

CVE-2018-20096

CVE-2018-20097

CVE-2018-20098

CVE-2018-9306

CVE-2018-14338

CVE-2018-17229

CVE-2018-17230

CVE-2017-18005

CVE-2018-4868

CVE-2018-9303

CVE-2018-9304

CVE-2019-9143

CVE-2019-13109

CVE-2019-13111

CVE-2019-13112

CVE-2019-13113

CVE-2019-13114

CVE-2019-20421

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory
Oracle Linux 8 (aarch64)	exiv2-0.27.2-5.el8.src.rpm	2bc44b56836026a766719c23a45e728a	-
	gegl-0.2.0-39.el8.src.rpm	344e6313030a13c06d8b612ad2750f32	-
	libgexiv2-0.10.8-4.el8.src.rpm	21b6e0bd966a00ed6a26fec97eebcdd6	-
	exiv2-0.27.2-5.el8.aarch64.rpm	f8eb8d517abe7fe5e79d121c51ad6e56	-
	exiv2-devel-0.27.2-5.el8.aarch64.rpm	47287324638551359ee1102fd4590013	-
	exiv2-doc-0.27.2-5.el8.noarch.rpm	87bdf64f0ddc8ca2c7839abe85e5767d	-
	exiv2-libs-0.27.2-5.el8.aarch64.rpm	ab89c56d578b094fb587c9c205e16a0c	-
	gegl-0.2.0-39.el8.aarch64.rpm	fda77dde1ae4c353f988697cf796361a	-
	libgexiv2-0.10.8-4.el8.aarch64.rpm	4dcd9a73f142d8a4334c05b2cae118b7	-
	libgexiv2-devel-0.10.8-4.el8.aarch64.rpm	5e4f4dc49af34b888046b479904ec575	-
Oracle Linux 8 (x86_64)	exiv2-0.27.2-5.el8.src.rpm	2bc44b56836026a766719c23a45e728a	-
	gegl-0.2.0-39.el8.src.rpm	344e6313030a13c06d8b612ad2750f32	-
	gnome-color-manager-3.28.0-3.el8.src.rpm	7c25a7d880ae470c57343d3f192cff6a	-
	libgexiv2-0.10.8-4.el8.src.rpm	21b6e0bd966a00ed6a26fec97eebcdd6	-
	exiv2-0.27.2-5.el8.x86_64.rpm	86303e9149ccec1460d047a27536b759	-
	exiv2-devel-0.27.2-5.el8.i686.rpm	9f355b6905f1aea62c2082451bdb6c9e	-
	exiv2-devel-0.27.2-5.el8.x86_64.rpm	4b31d2d4f1f13577569701fb7350bfbb	-
	exiv2-doc-0.27.2-5.el8.noarch.rpm	87bdf64f0ddc8ca2c7839abe85e5767d	-
	exiv2-libs-0.27.2-5.el8.i686.rpm	fe924342027999e8a02c8fea89b12fe6	-
	exiv2-libs-0.27.2-5.el8.x86_64.rpm	9f0778baa692d7322bb6c913fb9cb8e0	-
	gegl-0.2.0-39.el8.i686.rpm	59fd1e4721c8ae639d73ef0c80331bdb	-
	gegl-0.2.0-39.el8.x86_64.rpm	f256bf6846852b07a9171a16b0982b87	-
	gnome-color-manager-3.28.0-3.el8.x86_64.rpm	fc0e02d221a1775ac9a3725115d770c2	-
	libgexiv2-0.10.8-4.el8.i686.rpm	f2f0ff9145e0a356dda833f2d53048b2	-
	libgexiv2-0.10.8-4.el8.x86_64.rpm	48cb8fb48191b48790346c7ada9c670f	-
	libgexiv2-devel-0.10.8-4.el8.i686.rpm	8efe1a0d2dc2608d163669b5e42a2c2b	-
	libgexiv2-devel-0.10.8-4.el8.x86_64.rpm	5062d0e5668c2715cb91e87571956c79	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team