Synopsis:          Low: exiv2 security update
Advisory ID:       SLSA-2020:4030-1
Issue Date:        2020-10-01
CVE Numbers:       CVE-2019-17402
--

Security Fix(es):

* exiv2: out-of-bounds read in CiffDirectory::readDirectory due to lack of
size check (CVE-2019-17402)
--

SL7
  x86_64
    exiv2-libs-0.27.0-3.el7_8.i686.rpm
    exiv2-libs-0.27.0-3.el7_8.x86_64.rpm
    exiv2-0.27.0-3.el7_8.x86_64.rpm
    exiv2-debuginfo-0.27.0-3.el7_8.i686.rpm
    exiv2-debuginfo-0.27.0-3.el7_8.x86_64.rpm
    exiv2-devel-0.27.0-3.el7_8.i686.rpm
    exiv2-devel-0.27.0-3.el7_8.x86_64.rpm
  noarch
    exiv2-doc-0.27.0-3.el7_8.noarch.rpm

- Scientific Linux Development Team