Source: exiv2
Version: 0.28.4+dfsg-1
Severity: grave
Tags: security upstream
Justification: user security hole
Forwarded: https://github.com/Exiv2/exiv2/issues/3168
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Hi,

The following vulnerability was published for exiv2.

CVE-2025-26623[0]:
| Exiv2 is a C++ library and a command-line utility to read, write,
| delete and modify Exif, IPTC, XMP and ICC image metadata. A heap
| buffer overflow was found in Exiv2 versions v0.28.0 to v0.28.4.
| Versions prior to v0.28.0, such as v0.27.7, are **not** affected.
| Exiv2 is a command-line utility and C++ library for reading,
| writing, deleting, and modifying the metadata of image files. The
| heap overflow is triggered when Exiv2 is used to write metadata into
| a crafted image file. An attacker could potentially exploit the
| vulnerability to gain code execution, if they can trick the victim
| into running Exiv2 on a crafted image file. Note that this bug is
| only triggered when writing the metadata, which is a less frequently
| used Exiv2 operation than reading the metadata. For example, to
| trigger the bug in the Exiv2 command-line application, you need to
| add an extra command-line argument such as `fixiso`. The bug is
| fixed in version v0.28.5. Users are advised to upgrade. There are no
| known workarounds for this vulnerability.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2025-26623
    https://www.cve.org/CVERecord?id=CVE-2025-26623
[1] https://github.com/Exiv2/exiv2/issues/3168
[2] https://github.com/Exiv2/exiv2/security/advisories/GHSA-38h4-fx85-qcx7

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
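The advisory quoted above gives a precise affected range (v0.28.0 through v0.28.4 inclusive, with v0.27.x below it unaffected and v0.28.5 fixed). The POSIX sh script below is an added example, not part of the bug report or of the Exiv2 project, that normalises a version string and tests it against that range with a proper component-wise comparison rather than a string compare (so 0.28.10 sorts after 0.28.9). It assumes the upstream version appears as a plain dotted number, optionally prefixed by "v" or by the program name as in "exiv2 0.28.4", and optionally followed by a Debian suffix such as "+dfsg-1"; the sample strings in the demo loop are constructed (the Debian one is taken from the report header).

```shell
#!/bin/sh
# Added example (not from the bug report or from Exiv2): does an upstream
# Exiv2 version fall in the range the advisory lists as affected by
# CVE-2025-26623, i.e. 0.28.0 .. 0.28.4 inclusive?
# Assumption: input is a dotted upstream version, possibly prefixed with
# "v" or "exiv2 " and possibly carrying a Debian suffix like "+dfsg-1".

# Compare two dotted numeric versions component by component.
# Prints -1, 0 or 1 for a<b, a==b, a>b. Missing components count as 0,
# so "0.28" == "0.28.0".
vercmp() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        ac=${a%%.*}; bc=${b%%.*}
        [ -z "$ac" ] && ac=0
        [ -z "$bc" ] && bc=0
        if [ "$ac" -lt "$bc" ]; then printf '%s\n' "-1"; return; fi
        if [ "$ac" -gt "$bc" ]; then printf '%s\n' "1"; return; fi
        case $a in *.*) a=${a#*.};; *) a="";; esac
        case $b in *.*) b=${b#*.};; *) b="";; esac
    done
    printf '%s\n' "0"
}

# Reduce "exiv2 0.28.4", "v0.28.4" or "0.28.4+dfsg-1" to "0.28.4".
upstream_version() {
    v=$1
    v=${v#"exiv2 "}        # drop a leading program name
    v=${v#v}               # drop a leading "v"
    v=${v%%[!0-9.]*}       # cut at the first character that is not a digit or dot
    printf '%s\n' "$v"
}

# Exit status 0 (true) when the version is inside the affected range
# [0.28.0, 0.28.4], 1 otherwise. 0.27.x and 0.28.5 both return 1.
affected_by_cve_2025_26623() {
    ver=$(upstream_version "$1")
    [ "$(vercmp "$ver" 0.28.0)" -ge 0 ] && [ "$(vercmp "$ver" 0.28.4)" -le 0 ]
}

# Demo over constructed version strings; 0.28.4+dfsg-1 is the Debian
# package version from the report header.
for ver_str in "exiv2 0.27.7" "0.28.0" "0.28.4+dfsg-1" "v0.28.5" "0.28.10"; do
    if affected_by_cve_2025_26623 "$ver_str"; then
        echo "$ver_str: in the affected upstream range (fixed in 0.28.5)"
    else
        echo "$ver_str: not in the affected upstream range"
    fi
done
```

To check an installed binary, feed it the first line of `exiv2 --version` (assumed here to start with "exiv2 " followed by the version). Note that the upstream range is only half the story for a distribution package: Debian commonly backports the fix as a patch without changing the upstream version number, so a package whose changelog names CVE-2025-26623 can be fixed even though this check reports its version as affected.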