CVE-2021-21235:
kamadak-exif is an exif parsing library written in pure Rust. In kamadak-exif version 0.5.2, there is an infinite loop in parsing crafted PNG files. Specifically, reader::read_from_container can cause an infinite loop when a crafted PNG file is given. This is fixed in version 0.5.3. No workaround is available. Applications that do not pass files with the PNG signature to Reader::read_from_container are not affected.
The package has not entered testing even though the delay is over
normal
The package has not entered testing even though the 20-day delay is over.Check why.
vcswatch reports that
this package seems to have a new changelog entry (version
0.5.4-1, distribution
UNRELEASED-FIXME-AUTOGENERATED-DEBCARGO) and new commits
in its VCS. You should consider whether it's time to make
an upload.