exiv2 0.28.3
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata.
| Tags | command-line cli image metadata cpp |
|---|---|
| License | Mixed |
| State | stable |
Homepage
DownloadRecent Releases
0.28.309 Jul 2024 14:45
minor feature:
Changes from version 0.28.2 to 0.28.3
Release Notes:
https://github.com/Exiv2/exiv2//3008.
https://github.com/Exiv2/exiv2/milestone/14?=1.
This release also a low-severity security in asfvideo.cpp:
CVE-2024-39695: out-of-bounds read in AsfVideo::streamProperties.
This vulnerability is in a new feature (ASF video) that was added in version 0.28.0, so earlier versions of Exiv2 are not affected.
Changes from version 0.28.1 to 0.28.2.
Release Notes:
https://github.com/Exiv2/exiv2//2914.
https://github.com/Exiv2/exiv2/milestone/13?=1.
This release also two low-severity security in quicktimevideo.cpp:
CVE-2024-24826: out-of-bounds read in QuickTimeVideo::NikonTagsDecoder.
CVE-2024-25112: denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder.
These vulnerabilities are in a new feature (quicktime video) that was added in version 0.28.0, so earlier versions of Exiv2 are not affected.
Changes from version 0.28.0 to 0.28.1.
Release Notes:
https://github.com/Exiv2/exiv2//2813
This release also CVE-2023-44398, an out-of-bounds write in `BmffImage::brotliUncompress`. The vulnerability is in new code that was added in version 0.28.0, so earlier versions of Exiv2 are not affected.
Changes from version 0.27.6 to 0.28.0.
Release Notes:
https://github.com/Exiv2/exiv2//2406#comment-1529139799
Changes from version 0.27.5 to 0.27.6.
https://github.com/Exiv2/exiv2/milestone/10?=1
Open:
https://github.com/Exiv2/exiv2/milestone/10?open=1
Release Notes:
https://github.com/Exiv2/exiv2//2406#comment-1383302378
Changes from version 0.27.4 to 0.27.5.
https://github.com/Exiv2/exiv2/milestone/9?=1
Open:
https://github.com/Exiv2/exiv2/milestone/9?open=1
Release Notes:
https://github.com/Exiv2/exiv2//1018#comment-948573657
History ---------------.
Changes from version 0.27.3 to 0.27.4.
https://github.com/Exiv2/exiv2/milestone/6?=1
Open:
https://github.com/Exiv2/exiv2/milestone/6?open=1
Release Notes:
https://github.com/Exiv2/exiv2//1018#comment-757979745
Group PR
0.28.214 Feb 2024 03:11
security:
Release Notes:
* https://github.com/Exiv2/exiv2/issues/2914
* https://github.com/Exiv2/exiv2/milestone/13?closed=1
This release also fixes two low-severity security issues in quicktimevideo.cpp:
* CVE-2024-24826 (https://github.com/Exiv2/exiv2/security/advisories/GHSA-g9xm-7538-mq8w): out-of-bounds read in QuickTimeVideo::NikonTagsDecoder.
* CVE-2024-25112 (https://github.com/Exiv2/exiv2/security/advisories/GHSA-crmj-qh74-2r36): denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder.
These vulnerabilities are in a new feature (quicktime video) that was added in version 0.28.0, so earlier versions of Exiv2 are not affected.