Overview

File _patchinfo of Package patchinfo.6455

<patchinfo incident="6455">
  <issue id="1059893" tracker="bnc">VUL-1:CVE-2017-7544: libexif: Out-of-bounds heap read in exif_data_save_data_entry function</issue>
  <issue id="1055857" tracker="bnc">VUL-0: CVE-2016-6328: libexif: Integer overflow in parsing MNOTE entry data of the input file</issue>
  <issue id="2017-7544" tracker="cve" />
  <issue id="2016-6328" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>kbabioch</packager>
  <description>This update for libexif fixes several issues.

These security issues were fixed:

- CVE-2016-6328: Fixed integer overflow in parsing MNOTE entry data of the input
  file (bsc#1055857)
- CVE-2017-7544: Fixed out-of-bounds heap read vulnerability in
  exif_data_save_data_entry function in libexif/exif-data.c caused by improper
  length computation of the allocated data of an ExifMnote entry which can cause
  denial-of-service or possibly information disclosure (bsc#1059893)
</description>
  <summary>Security update for libexif</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places