[Pkg-phototools-devel] Bug#962346: CVE-2020-0181
Salvatore Bonaccorso
carnil at debian.org
Sun Jun 7 09:38:49 BST 2020
Hi Moritz,
On Sat, Jun 06, 2020 at 04:12:20PM +0200, Moritz Muehlenhoff wrote:
> Source: libexif
> Severity: important
> Tags: security
>
> Similar to CVE-2020-0198, another issue reported/fixed in Android, but not
> applied upstream:
> https://android.googlesource.com/platform/external/libexif/+/f6c54954cbfc25eb73d2d2902f0597c0220174a4
Not completely sure, but I think upstream fixed that while adressing
CVE-2019-9278, with commit
http://github.com/libexif/libexif/commit/75aa73267fdb1e0ebfbc00369e7312bac43d0566
(cf. https://github.com/libexif/libexif/issues/26).
Regards,
Salvatore
More information about the Pkg-phototools-devel
mailing list