[SECURITY] [DLA 4264-1] exempi security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4264-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
August 04, 2025 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : exempi
Version : 2.5.2-1+deb11u1
CVE ID : CVE-2021-36045 CVE-2021-36046 CVE-2021-36047 CVE-2021-36048
CVE-2021-36050 CVE-2021-36051 CVE-2021-36052 CVE-2021-36053
CVE-2021-36054 CVE-2021-36055 CVE-2021-36056 CVE-2021-36057
CVE-2021-36058 CVE-2021-36064 CVE-2021-39847 CVE-2021-40716
CVE-2021-40732 CVE-2021-42528 CVE-2021-42529 CVE-2021-42530
CVE-2021-42531 CVE-2021-42532
Multiple vulnerabilities have been fixed in Exempi,
an implementation of XMP (Extensible Metadata Platform).
CVE-2021-36045
Out-of-bounds Access
CVE-2021-36046
Out-of-bounds Access
CVE-2021-36047
Improper Input Validation
CVE-2021-36048
Improper Input Validation
CVE-2021-36050
Heap-based Buffer Overflow
CVE-2021-36051
Heap-based Buffer Overflow
CVE-2021-36052
Out-of-bounds Access
CVE-2021-36053
Out-of-bounds Access
CVE-2021-36054
Heap-based Buffer Overflow
CVE-2021-36055
Heap-based Buffer Overflow
CVE-2021-36056
Heap-based Buffer Overflow
CVE-2021-36057
Write-what-where Condition
CVE-2021-36058
Integer Overflow or Wraparound
CVE-2021-36064
Buffer Underwrite
CVE-2021-39847
Stack-based Buffer Overflow
CVE-2021-40716
Out-of-bounds Access
CVE-2021-40732
NULL Pointer Dereference
CVE-2021-42528
NULL Pointer Dereference
CVE-2021-42529
Stack-based Buffer Overflow
CVE-2021-42530
Stack-based Buffer Overflow
CVE-2021-42531
Stack-based Buffer Overflow
CVE-2021-42532
Stack-based Buffer Overflow
For Debian 11 bullseye, these problems have been fixed in version
2.5.2-1+deb11u1.
We recommend that you upgrade your exempi packages.
For the detailed security status of exempi please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/exempi
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmiQb9oACgkQiNJCh6LY
mLEW3A/9Efqd3SkZtiGuxC4BO+u5Yj+RC+/Wa/RQOx+FjUJZrQsp5lWRM+n8hnMs
kaZ1hqM8lNTOqJsM21P3vL+ZNmCyC1yKifiYGPtRWYkR2ZysZbXFTteQh3V6Lcoo
4V+/1P4osCYzghc4MROTxycLgQBr2jCaHutYcYughQ6urd+wKyX5FpfERKFA1X+a
htnA7MaPJbFn6n7xV4LHgMMYpS/E+LgHvKLzNlqrYRmhyKtEr4N+l4xGAmNSUBBT
ccchD2NvxCrHxT3ic7theyVvFnkx5r6yBzLUuDc/rqQiLaa+KNb9HYB2CChfwshC
BcIYC+sqZmAKrL1e7tDKPwkslTmBdGfCH78GXkYsDKEgL7zGdLq2u4bnIQOMfdK+
W6JsshOUe20+oPXWUFQzANOXT28Slcx8E31En53s5WeLgxXJAmi3NxFjjrYYwclH
EVZ7KJSy8FJYrRkIv50NXUw+1KCvBBzhZyGTfVOAmlo5ZLCs00tZxqCw2FYYT+SM
cY1u35IuiLejmY2rrlAfXK8bW+l48ocBZojhozIJNR+LAtiA8ZiJkGU8wFUhycpv
x2H+gG/F+nkOWcw+Z10NSvA3LIoa5IaI8l/pfic00I1Lw/1NdAUjPKd36LD89xth
eWmrvVYrxdrgBygh3NHhlO+fY85/dq+FI9CEDNaYrwYbghrGprA=
=mU+3
-----END PGP SIGNATURE-----
Reply to: