Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 42: exiv2 Low Severity Issues Fixed in Advisory 2025-387e64c9fd

fedora
Calendar Grey September 1, 2025
Dist Fedora Esm H88
ExifTool 12.50 addresses several minor flaws in CentOS 8, enhancing reliable image metadata processing.
Exiv2 0.28.6 + patch to fix silent abi breakage Exiv2 v0.28.6 (Fixes two low severity CVEs)

Summary

A command line utility to access image metadata, allowing one to:

* print the Exif metadata of Jpeg images as summary info, interpreted values,

or the plain data for each tag

* print the Iptc metadata of Jpeg images

* print the Jpeg comment of Jpeg images

* set, add and delete Exif and Iptc metadata of Jpeg images

* adjust the Exif timestamp (that's how it all started...)

* rename Exif image files according to the Exif timestamp

* extract, insert and delete Exif metadata (including thumbnails),

Iptc metadata and Jpeg comments

Update Information:

Exiv2 0.28.6 + patch to fix silent abi breakage Exiv2 v0.28.6 (Fixes two low severity CVEs)

Topics%20covered

Topics Covered

security advisory fedora patch low severity exiv2 image metadata

Change Log

* Sun Aug 31 2025 Steve Cossette - 0.28.6-2 - Make methods non-virtual (Fix for a silent ABI change introduced in 0.28.6) * Fri Aug 29 2025 Steve Cossette - 0.28.6-1 - 0.28.6 * Wed Jul 23 2025 Fedora Release Engineering - 0.28.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild

References


[ 1 ] Bug #2391817 - CVE-2025-54080 exiv2: Exiv2 Segmentation Faults [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2391817 [ 2 ] Bug #2391838 - CVE-2025-55304 exiv2: Exiv2 has quadratic performance in ICC profile parsing in JpegBase::readMetadata [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2391838 [ 3 ] Bug #2391902 - exiv2-0.28.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=2391902

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-387e64c9fd' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
low
Lowest
Low
Medium
High
Critical

Name: exiv2
Product: Fedora 42
Version: 0.28.6
Release: 2.fc42
URL: https://exiv2.org/
Summary: Exif, IPTC and XMP metadata manipulation library

Topics%20covered

Topics Covered

security advisory fedora patch low severity exiv2 image metadata

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here