USN-4624-1

See a problem?
Source
https://ubuntu.com/security/notices/USN-4624-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-4624-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-4624-1
Related
  • CVE-2020-0452
Published
2020-11-10T12:10:16.207095Z
Modified
2020-11-10T12:10:16.207095Z
Summary
libexif vulnerability
Details

It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause unexpected behaviours, or execute arbitrary code.

References

Affected packages

Ubuntu:Pro:14.04:LTS / libexif

Package

Name
libexif

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.6.21-1ubuntu1+esm6

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "libexif12": "0.6.21-1ubuntu1+esm6",
            "libexif-dev": "0.6.21-1ubuntu1+esm6"
        }
    ]
}

Ubuntu:16.04:LTS / libexif

Package

Name
libexif

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.6.21-2ubuntu0.6

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "libexif12": "0.6.21-2ubuntu0.6",
            "libexif-dev": "0.6.21-2ubuntu0.6"
        }
    ]
}

Ubuntu:18.04:LTS / libexif

Package

Name
libexif

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.6.21-4ubuntu0.6

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "libexif12": "0.6.21-4ubuntu0.6",
            "libexif-doc": "0.6.21-4ubuntu0.6",
            "libexif-dev": "0.6.21-4ubuntu0.6"
        }
    ]
}

Ubuntu:20.04:LTS / libexif

Package

Name
libexif

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.6.21-6ubuntu0.4

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "libexif12": "0.6.21-6ubuntu0.4",
            "libexif-doc": "0.6.21-6ubuntu0.4",
            "libexif-dev": "0.6.21-6ubuntu0.4"
        }
    ]
}