
[SECURITY] [DLA 4264-1] exempi security update



-------------------------------------------------------------------------
Debian LTS Advisory DLA-4264-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                          Adrian Bunk
August 04, 2025                               https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : exempi
Version        : 2.5.2-1+deb11u1
CVE ID         : CVE-2021-36045 CVE-2021-36046 CVE-2021-36047 CVE-2021-36048 
                 CVE-2021-36050 CVE-2021-36051 CVE-2021-36052 CVE-2021-36053 
                 CVE-2021-36054 CVE-2021-36055 CVE-2021-36056 CVE-2021-36057 
                 CVE-2021-36058 CVE-2021-36064 CVE-2021-39847 CVE-2021-40716 
                 CVE-2021-40732 CVE-2021-42528 CVE-2021-42529 CVE-2021-42530 
                 CVE-2021-42531 CVE-2021-42532

Multiple vulnerabilities have been fixed in Exempi,
an implementation of XMP (Extensible Metadata Platform).

CVE-2021-36045

    Out-of-bounds Access

CVE-2021-36046

    Out-of-bounds Access

CVE-2021-36047

    Improper Input Validation

CVE-2021-36048

    Improper Input Validation

CVE-2021-36050

    Heap-based Buffer Overflow

CVE-2021-36051

    Heap-based Buffer Overflow

CVE-2021-36052

    Out-of-bounds Access

CVE-2021-36053

    Out-of-bounds Access

CVE-2021-36054

    Heap-based Buffer Overflow

CVE-2021-36055

    Heap-based Buffer Overflow

CVE-2021-36056

    Heap-based Buffer Overflow

CVE-2021-36057

    Write-what-where Condition

CVE-2021-36058

    Integer Overflow or Wraparound

CVE-2021-36064

    Buffer Underwrite

CVE-2021-39847

    Stack-based Buffer Overflow

CVE-2021-40716

    Out-of-bounds Access

CVE-2021-40732

    NULL Pointer Dereference

CVE-2021-42528

    NULL Pointer Dereference

CVE-2021-42529

    Stack-based Buffer Overflow

CVE-2021-42530

    Stack-based Buffer Overflow

CVE-2021-42531

    Stack-based Buffer Overflow

CVE-2021-42532

    Stack-based Buffer Overflow

For Debian 11 bullseye, these problems have been fixed in version
2.5.2-1+deb11u1.

We recommend that you upgrade your exempi packages.

For the detailed security status of exempi please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/exempi

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS