A flaw was found in Exiv2 from commit 307faae8304d. When the library is compiled in Debug mode, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a crash via a crafted BigTIFF file. References: https://bugzilla.redhat.com/show_bug.cgi?id=1524116 https://github.com/Exiv2/exiv2/issues/228 https://github.com/Exiv2/exiv2/issues/208 Patch: https://github.com/Exiv2/exiv2/commit/1647908e00a4df7246d76678e59587e62c690dcd
Created exiv2 tracking bugs for this issue: Affects: fedora-all [bug 1545247]
Statement: This issue did not affect the versions of Exiv2 as shipped with Red Hat Enterprise Linux 6 and 7 as they did not include support for BigTIFF images.