Debian Package Tracker - rust-kamadak-exif

A new upstream version is available: 0.5.3 high

A new upstream version 0.5.3 is available, you should consider packaging it.

Created: 2020-06-29 Last update: 2021-01-19 14:02

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2021-21235: kamadak-exif is an exif parsing library written in pure Rust. In kamadak-exif version 0.5.2, there is an infinite loop in parsing crafted PNG files. Specifically, reader::read_from_container can cause an infinite loop when a crafted PNG file is given. This is fixed in version 0.5.3. No workaround is available. Applications that do not pass files with the PNG signature to Reader::read_from_container are not affected.

Please fix it.

Created: 2021-01-06 Last update: 2021-01-07 05:35

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2021-21235: kamadak-exif is an exif parsing library written in pure Rust. In kamadak-exif version 0.5.2, there is an infinite loop in parsing crafted PNG files. Specifically, reader::read_from_container can cause an infinite loop when a crafted PNG file is given. This is fixed in version 0.5.3. No workaround is available. Applications that do not pass files with the PNG signature to Reader::read_from_container are not affected.

Please fix it.

Created: 2021-01-06 Last update: 2021-01-07 05:35

Multiarch hinter reports 1 issue(s) low

There are issues with the multiarch metadata for this package.

Created: 2019-08-09 Last update: 2021-01-19 11:35

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2019-07-10 Last update: 2019-07-10 21:06

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.2.0).

Created: 2019-07-10 Last update: 2020-11-17 05:41