Opened 2 months ago
Closed 2 months ago
#19307 closed enhancement (fixed)
exiv2-0.28.2
| Reported by: | Bruce Dubbs | Owned by: | Douglas R. Reno |
|---|---|---|---|
| Priority: | elevated | Milestone: | 12.1 |
| Component: | BOOK | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: |
Description
New point version.
Change History (4)
comment:1 by , 2 months ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 2 months ago
| Priority: | normal → elevated |
|---|
comment:3 by , 2 months ago
- CVE-2024-24826: out-of-bounds read in QuickTimeVideo::NikonTagsDecoder
- CVE-2024-25112: denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder
comment:4 by , 2 months ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Fixed at 698d5e63e4268507a057c31f5d06a2eedfe36017
SA-12.0-098 issued.
Note:
See TracTickets
for help on using tickets.
Looking at the release notes, this only contains two low-severity security fixes in the QuickTime Video feature that was added in exiv2-0.28.0. Should be a quick update. :)