Bug 1185547 (CVE-2021-22204)

Summary: VUL-0: CVE-2021-22204: perl-Image-ExifTool: Arbitrary code execution in ExifTool
Product: [openSUSE] openSUSE Tumbleweed Reporter: Luigi Baldoni <aloisio>
Component: OtherAssignee: Alexei Sorokin <sor.alexei>
Status: RESOLVED FIXED QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P3 - Medium CC: rfrohl
Version: Current   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Luigi Baldoni 2021-05-03 06:13:30 UTC
As per subject, fixed in 12.24+.
Comment 2 OBSbugzilla Bot 2021-05-04 10:50:03 UTC
This is an autogenerated message for OBS integration:
This bug (1185547) was mentioned in
https://build.opensuse.org/request/show/890301 Backports:SLE-15-SP3 / perl-Image-ExifTool
Comment 3 OBSbugzilla Bot 2021-05-05 07:50:05 UTC
This is an autogenerated message for OBS integration:
This bug (1185547) was mentioned in
https://build.opensuse.org/request/show/890552 15.2+Backports:SLE-15-SP1+Backports:SLE-15-SP2 / perl-Image-ExifTool
Comment 4 Swamp Workflow Management 2021-05-10 22:19:15 UTC
openSUSE-SU-2021:0707-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1185547
CVE References: CVE-2021-22204
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    perl-Image-ExifTool-12.25-lp152.4.3.1
openSUSE Backports SLE-15-SP2 (src):    perl-Image-ExifTool-12.25-bp152.4.3.1
openSUSE Backports SLE-15-SP1 (src):    perl-Image-ExifTool-12.25-bp151.4.3.1
Comment 5 Marcus Meissner 2021-05-11 08:52:48 UTC
done