Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

SUSE: 2020:1553-2 Moderate: Libexif Security Update Announcement

suse
Calendar Grey July 8, 2020
Dist Suse Esm H88
SUSE Releases Security Patch for libexif: Addresses 9 vulnerabilities categorized as moderate. Update your systems promptly.
An update that fixes 9 vulnerabilities is now available

Summary

This update for libexif to 0.6.22 fixes the following issues: Security issues fixed: - CVE-2016-6328: Fixed an integer overflow in parsing MNOTE entry data of the input file (bsc#1055857). - CVE-2017-7544: Fixed an out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c (bsc#1059893). - CVE-2018-20030: Fixed a denial of service by endless recursion (bsc#1120943). - CVE-2019-9278: Fixed an integer overflow (bsc#1160770). - CVE-2020-0093: Fixed an out-of-bounds read in exif_data_save_data_entry (bsc#1171847). - CVE-2020-12767: Fixed a divide-by-zero error in exif_entry_get_value (bsc#1171475). - CVE-2020-13112: Fixed a time consumption DoS when parsing canon array markers (bsc#1172121). - CVE-2020-13113: Fixed a potential use of uninitialized memory

Topics%20covered

Topics Covered

security advisory moderate denial of service buffer overflow SUSE libexif

References

#1055857 #1059893 #1120943 #1160770 #1171475

#1171847 #1172105 #1172116 #1172121

Cross- CVE-2016-6328 CVE-2017-7544 CVE-2018-20030

CVE-2019-9278 CVE-2020-0093 CVE-2020-12767

CVE-2020-13112 CVE-2020-13113 CVE-2020-13114

Affected Products:

SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP2

SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP1

SUSE Linux Enterprise Module for Desktop Applications 15-SP2

https://www.suse.com/security/cve/CVE-2016-6328.html

https://www.suse.com/security/cve/CVE-2017-7544.html

https://www.suse.com/security/cve/CVE-2018-20030.html

https://www.suse.com/security/cve/CVE-2019-9278.html

https://www.suse.com/security/cve/CVE-2020-0093.html

https://www.suse.com/security/cve/CVE-2020-12767.html

Announcement ID: SUSE-SU-2020:1553-2
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate denial of service buffer overflow SUSE libexif

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here