A libimage-exiftool-perl security update has been released for Debian GNU/Linux 8 Extended LTS to address a vulnerability that may result in execution of arbitrary code if a malformed DjVu file is processed.
ELA-430-1 libimage-exiftool-perl security update
Package libimage-exiftool-perl
ELA-430-1 libimage-exiftool-perl security update
Version 9.74-1+deb8u1
Related CVEs CVE-2021-22204
A vulnerability was discovered in libimage-exiftool-perl, a library and program to read and write meta information in multimedia files, which may result in execution of arbitrary code if a malformed DjVu file is processed.
For Debian 8 jessie, these problems have been fixed in version 9.74-1+deb8u1.
We recommend that you upgrade your libimage-exiftool-perl packages.
Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/
