Synopsis: Low: exempi security update
Advisory ID: SLSA-2019:2048-1
Issue Date: 2019-08-06
CVE Numbers: CVE-2018-7730
CVE-2017-18233
CVE-2017-18238
CVE-2017-18236
CVE-2017-18234
—
Security Fix(es):
* exempi: Infinite Loop in Chunk class in
XMPFiles/source/FormatSupport/RIFF.cpp (CVE-2017-18233)
* exempi: Use after free via a PDF file containing JPEG data
(CVE-2017-18234)
* exempi: Infinite loop in ASF_Support::ReadHeaderObject function in
XMPFiles/source/FormatSupport/ASF_Support.cpp (CVE-2017-18236)
* exempi: Infinite loop in TradQT_Manager::ParseCachedBoxes function in
XMPFiles/source/FormatSupport/QuickTime_Support.cpp (CVE-2017-18238)
* exempi: Heap-based buffer overflow in PSD_MetaHandler::CacheFileData
function in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp allows for
denial of service via crafted XLS file (CVE-2018-7730)
—
SL7
x86_64
exempi-2.2.0-9.el7.i686.rpm
exempi-2.2.0-9.el7.x86_64.rpm
exempi-devel-2.2.0-9.el7.i686.rpm
exempi-devel-2.2.0-9.el7.x86_64.rpm
exempi-debuginfo-2.2.0-9.el7.i686.rpm
exempi-debuginfo-2.2.0-9.el7.x86_64.rpm
– Scientific Linux Development Team
