[SECURITY] Fedora 28 Update: exiv2-0.26-12.fc28

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2018-8b67a5c7e2 2018-08-07 01:13:44.522678 -------------------------------------------------------------------------------- Name : exiv2 Product : Fedora 28 Version : 0.26 Release : 12.fc28 URL : http://www.exiv2.org/ Summary : Exif and Iptc metadata manipulation library Description : A command line utility to access image metadata, allowing one to: * print the Exif metadata of Jpeg images as summary info, interpreted values, or the plain data for each tag * print the Iptc metadata of Jpeg images * print the Jpeg comment of Jpeg images * set, add and delete Exif and Iptc metadata of Jpeg images * adjust the Exif timestamp (that's how it all started...) * rename Exif image files according to the Exif timestamp * extract, insert and delete Exif metadata (including thumbnails), Iptc metadata and Jpeg comments -------------------------------------------------------------------------------- Update Information: Exiv2 update with security fixes. -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 24 2018 Jan Grulich <jgrulich(a)redhat.com&gt; - 0.26-12 - Security fix for CVE-2017-17723, CVE-2017-17725, CVE-2018-10958, CVE-2018-10998, CVE-2018-11531, CVE-2018-12264, CVE-2018-12265, CVE-2018-14046, CVE-2018-5772, CVE-2018-8976, CVE-2018-8977, CVE-2018-9144 * Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 0.26-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Thu May 3 2018 Germano Massullo <germano.massullo(a)gmail.com&gt; - 0.26-10 - added patches that fix CVE-2017-17723 CVE-2017-17725 CVE-2017-5772 - moved 0006-1296-Fix-submitted.patch file from sources to package tree * Tue Feb 20 2018 Rex Dieter <rdieter(a)fedoraproject.org&gt; - 0.26-9 - BR: gcc-c++ -------------------------------------------------------------------------------- References: [ 1 ] Bug #1566735 - CVE-2018-9305 exiv2: out of bounds read in IptcData::printStructure in iptc.c https://bugzilla.redhat.com/show_bug.cgi?id=1566735 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-8b67a5c7e2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------