Security update for exiv2

Announcement ID:	SUSE-SU-2022:3889-1
Rating:	important
References:	bsc#1068871 bsc#1142675 bsc#1142679 bsc#1185002 bsc#1185218 bsc#1185447 bsc#1185913 bsc#1186053 bsc#1186192 bsc#1188645 bsc#1188733 bsc#1189332 bsc#1189333 bsc#1189334 bsc#1189335 bsc#1189338 jsc#PED-1393
Cross-References:	CVE-2017-1000128 CVE-2019-13108 CVE-2019-13111 CVE-2020-19716 CVE-2021-29457 CVE-2021-29463 CVE-2021-29470 CVE-2021-29623 CVE-2021-31291 CVE-2021-32617 CVE-2021-34334 CVE-2021-37620 CVE-2021-37621 CVE-2021-37622 CVE-2021-37623
CVSS scores:	CVE-2017-1000128 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-1000128 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-13108 ( SUSE ): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2019-13108 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-13108 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-13111 ( SUSE ): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2019-13111 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-13111 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2020-19716 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2020-19716 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-29457 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-29457 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-29463 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-29463 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-29470 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-29470 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-29623 ( SUSE ): 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CVE-2021-29623 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2021-31291 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-32617 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-32617 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-34334 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-34334 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-37620 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2021-37620 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-37621 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H CVE-2021-37621 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-37622 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-37622 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-37623 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-37623 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:	Desktop Applications Module 15-SP4 openSUSE Leap 15.4 SUSE Linux Enterprise Desktop 15 SP4 SUSE Linux Enterprise High Performance Computing 15 SP4 SUSE Linux Enterprise Real Time 15 SP4 SUSE Linux Enterprise Server 15 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.3

An update that solves 15 vulnerabilities, contains one feature and has one security fix can now be installed.

Description:

This update for exiv2 fixes the following issues:

Updated to version 0.27.5 (jsc#PED-1393):

• CVE-2017-1000128: Fixed stack out of bounds read in JPEG2000 parser (bsc#1068871).
• CVE-2019-13108: Fixed integer overflow PngImage:readMetadata (bsc#1142675).
• CVE-2020-19716: Fixed buffer overflow vulnerability in the Databuf function in types.cpp (bsc#1188645).
• CVE-2021-29457: Fixed heap buffer overflow when write metadata into a crafted image file (bsc#1185002).
• CVE-2021-29470: Fixed out-of-bounds read in Exiv2:Jp2Image:encodeJp2Header (bsc#1185447).
• CVE-2021-29623: Fixed read of uninitialized memory (bsc#1186053).
• CVE-2021-31291: Fixed heap-based buffer overflow in jp2image.cpp (bsc#1188733).
• CVE-2021-32617: Fixed denial of service due to inefficient algorithm (bsc#1186192).
• CVE-2021-37620: Fixed out-of-bounds read in XmpTextValue:read() (bsc#1189332).
• CVE-2021-37621: Fixed DoS due to infinite loop in Image:printIFDStructure (bsc#1189333).
• CVE-2021-37622: Fixed DoS due to infinite loop in JpegBase:printStructure (bsc#1189334)
• CVE-2021-34334: Fixed DoS due to integer overflow in loop counter(bsc#1189338)
• CVE-2021-37623: Fixed DoS due to infinite loop in JpegBase:printStructure (bsc#1189335)
• CVE-2021-29463: Fixed out-of-bounds read in webpimage.cpp (bsc#1185913).
• CVE-2021-34334: Fixed DoS due to integer overflow in loop counter (bsc#1189338)
• CVE-2019-13111: Fixed integer overflow in WebPImage:decodeChunks that lead to denial of service (bsc#1142679)
• CVE-2021-29463: Fixed an out-of-bounds read was found in webpimage.cpp (bsc#1185913)

Bugfixes:

• Fixed build using GCC 11 (bsc#1185218).

A new libexiv2-2_27 shared library is shipped, the libexiv2-2_26 is provided only for compatibility now.

Please recompile your applications using the exiv2 library.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• openSUSE Leap 15.4
  zypper in -t patch openSUSE-SLE-15.4-2022-3889=1
• Desktop Applications Module 15-SP4
  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-3889=1

Package List:

• openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
  • libexiv2-devel-0.27.5-150400.15.4.1
  • libexiv2-26-debuginfo-0.26-150400.9.16.1
  • libexiv2-26-0.26-150400.9.16.1
  • exiv2-0.27.5-150400.15.4.1
  • libexiv2-27-0.27.5-150400.15.4.1
  • exiv2-debuginfo-0.27.5-150400.15.4.1
  • exiv2-debugsource-0.27.5-150400.15.4.1
  • libexiv2-xmp-static-0.27.5-150400.15.4.1
  • libexiv2-27-debuginfo-0.27.5-150400.15.4.1
• openSUSE Leap 15.4 (noarch)
  • exiv2-lang-0.27.5-150400.15.4.1
• openSUSE Leap 15.4 (x86_64)
  • libexiv2-26-32bit-debuginfo-0.26-150400.9.16.1
  • libexiv2-27-32bit-debuginfo-0.27.5-150400.15.4.1
  • libexiv2-26-32bit-0.26-150400.9.16.1
  • libexiv2-27-32bit-0.27.5-150400.15.4.1
• Desktop Applications Module 15-SP4 (aarch64 ppc64le s390x x86_64)
  • libexiv2-devel-0.27.5-150400.15.4.1
  • libexiv2-26-debuginfo-0.26-150400.9.16.1
  • libexiv2-26-0.26-150400.9.16.1
  • libexiv2-27-0.27.5-150400.15.4.1
  • exiv2-debuginfo-0.27.5-150400.15.4.1
  • exiv2-debugsource-0.27.5-150400.15.4.1
  • libexiv2-xmp-static-0.27.5-150400.15.4.1
  • libexiv2-27-debuginfo-0.27.5-150400.15.4.1

References:

• https://www.suse.com/security/cve/CVE-2017-1000128.html
• https://www.suse.com/security/cve/CVE-2019-13108.html
• https://www.suse.com/security/cve/CVE-2019-13111.html
• https://www.suse.com/security/cve/CVE-2020-19716.html
• https://www.suse.com/security/cve/CVE-2021-29457.html
• https://www.suse.com/security/cve/CVE-2021-29463.html
• https://www.suse.com/security/cve/CVE-2021-29470.html
• https://www.suse.com/security/cve/CVE-2021-29623.html
• https://www.suse.com/security/cve/CVE-2021-31291.html
• https://www.suse.com/security/cve/CVE-2021-32617.html
• https://www.suse.com/security/cve/CVE-2021-34334.html
• https://www.suse.com/security/cve/CVE-2021-37620.html
• https://www.suse.com/security/cve/CVE-2021-37621.html
• https://www.suse.com/security/cve/CVE-2021-37622.html
• https://www.suse.com/security/cve/CVE-2021-37623.html
• https://bugzilla.suse.com/show_bug.cgi?id=1068871
• https://bugzilla.suse.com/show_bug.cgi?id=1142675
• https://bugzilla.suse.com/show_bug.cgi?id=1142679
• https://bugzilla.suse.com/show_bug.cgi?id=1185002
• https://bugzilla.suse.com/show_bug.cgi?id=1185218
• https://bugzilla.suse.com/show_bug.cgi?id=1185447
• https://bugzilla.suse.com/show_bug.cgi?id=1185913
• https://bugzilla.suse.com/show_bug.cgi?id=1186053
• https://bugzilla.suse.com/show_bug.cgi?id=1186192
• https://bugzilla.suse.com/show_bug.cgi?id=1188645
• https://bugzilla.suse.com/show_bug.cgi?id=1188733
• https://bugzilla.suse.com/show_bug.cgi?id=1189332
• https://bugzilla.suse.com/show_bug.cgi?id=1189333
• https://bugzilla.suse.com/show_bug.cgi?id=1189334
• https://bugzilla.suse.com/show_bug.cgi?id=1189335
• https://bugzilla.suse.com/show_bug.cgi?id=1189338
• https://jira.suse.com/browse/PED-1393