Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 414
Alerts This Week
Warning Icon 1 414

Fedora 22: 2016:ff39572e31 moderate: exiv2 XML Entity Expansion

fedora
Calendar Grey March 6, 2016
Dist Fedora Esm H88
Fedora 22 Patch for exiv2 resolves XML entity expansion vulnerability. Ensure your system's safety with this recent update.
Avoid possible XML entity expansion security issue.

Summary

A command line utility to access image metadata, allowing one to:

* print the Exif metadata of Jpeg images as summary info, interpreted values,

or the plain data for each tag

* print the Iptc metadata of Jpeg images

* print the Jpeg comment of Jpeg images

* set, add and delete Exif and Iptc metadata of Jpeg images

* adjust the Exif timestamp (that's how it all started...)

* rename Exif image files according to the Exif timestamp

* extract, insert and delete Exif metadata (including thumbnails),

Iptc metadata and Jpeg comments

Update Information:

Avoid possible XML entity expansion security issue.

Change Log

References


[ 1 ] Bug #888769 - exiv2: embedded copy of exempi should be compiled with BanAllEntityUsage https://bugzilla.redhat.com/show_bug.cgi?id=888769

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update exiv2' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important
Lowest
Low
Medium
High
Critical

Name: exiv2
Product: Fedora 22
Version: 0.24
Release: 5.fc22
URL: Summary : Exif and Iptc metadata manipulation library

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.