Source: libexif Severity: important The latest Android security bulletin for Pixel phones included a patch for libexif, which was assigned CVE-2020-0198: https://android.googlesource.com/platform/external/libexif/+/1e187b62682ffab5003c702657d6d725b4278f16
The patch in their repo is from March, but doesn't appear to have been merged
into the libexif tree yet (not sure if it was actually submitted or not).
Cheers,
Moritz
