0007197: Exiftool CVE-2021-22204 - Kali Linux Bug Tracker

ID	Project	Category	View Status	Date Submitted	Last Update

0007197	Kali Linux	Tool Upgrade Request	public	2021-05-22 06:15	2021-05-25 08:44

Reporter	iis2h	Assigned To	sbrun
Priority	immediate	Severity	minor	Reproducibility	have not tried
Status	closed	Resolution	duplicate
Product Version	2021.1

Summary	0007197: Exiftool CVE-2021-22204
Description	When I try to update the tool it says "tool is already the newest version" it's not ! To patch the bug we need to update it to 12.24 or above Thanks,

sbrun 2021-05-25 08:44 manager ~0014581	The package libimage-exiftool-perl (which provides exiftool) is maintained in Debian. The Debian maintainers can't update the package to a new upstream version as Debian is "freezed" right now (normal process before the new Debian Release). But they are allowed to fix security issues and they had fixed this security issue in version 12.16+dfsg-2: https://tracker.debian.org/media/packages/libi/libimage-exiftool-perl/changelog-12.16dfsg-2 We have the Debian version with the fix in kali-rolling.

Date Modified	Username	Field	Change
2021-05-22 06:15	iis2h	New Issue
2021-05-22 06:15	iis2h	Status	new => assigned
2021-05-22 06:15	iis2h	Assigned To	=> sbrun
2021-05-25 08:43	sbrun	Relationship added	duplicate of 0007183
2021-05-25 08:44	sbrun	Status	assigned => closed
2021-05-25 08:44	sbrun	Resolution	open => duplicate
2021-05-25 08:44	sbrun	Note Added: 0014581
2021-05-31 13:37	rhertzog	Category	Tool Upgrade => Tool Upgrade Request