[SECURITY] Fedora 36 Update: jhead-3.06.0.1-5.fc36

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2022-61ec901852 2022-10-26 17:27:29.983569 -------------------------------------------------------------------------------- Name : jhead Product : Fedora 36 Version : 3.06.0.1 Release : 5.fc36 URL : http://www.sentex.net/~mwandel/jhead/ Summary : Tool for displaying EXIF data embedded in JPEG images Description : Jhead displays and manipulates the non-image portions of EXIF formatted JPEG images, such as the images produced by most digital cameras. -------------------------------------------------------------------------------- Update Information: added patches to fix CVE-2022-41751 -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 18 2022 Adrian Reber <adrian(a)lisas.de&gt; - 3.06.0.1-5 - added patches to fix CVE-2022-41751 * Thu Jul 21 2022 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 3.06.0.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2135591 - CVE-2022-41751 jhead: arbitrary OS commands by placing them in a JPEG filename https://bugzilla.redhat.com/show_bug.cgi?id=2135591 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-61ec901852' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------