Multiple vulnerabilities have been found in Exiv2, the worst of which could result in a Denial of Service condition.
|Package||media-gfx/exiv2 on all architectures|
|Affected versions||< 0.26_p20180811-r3|
|Unaffected versions||>= 0.26_p20180811-r3|
Exiv2 is a C++ library and a command line utility to manage image metadata.
Multiple vulnerabilities have been discovered in Exiv2. Please review the CVE identifiers referenced below for details.
A remote attacker could cause a Denial of Service condition or obtain sensitive information via a specially crafted file.
There is no known workaround at this time.
All Exiv2 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-gfx/exiv2-0.26_p20180811-r3"