There is a Segmentation fault in the XmpParser::terminate() function in
Exiv2 0.26, related to an exit call. A Crafted input will lead to a
remote denial of service attack.
Bug report (with reproducer):
Created exiv2 tracking bugs for this issue:
Affects: fedora-all [bug 1474340]