libexif upstream fixes
|Reported by:||Owned by:|
The other security fixes I noticed are for libexif-0.6.22.
Fedora have patches, apparently from upstream, to fix CVE-2020-0181/0198 and CVE-2020-0452. Those were originally reported against android. The first pair are labelled as DOS, but the last one is an oob write on integer overflow, possible remote code execution or disclosure of sensitive information.