Change log for libexif package in Ubuntu
1 → 72 of 72 results | First • Previous • Next • Last |
libexif (0.6.24-1build2) noble; urgency=high * No change rebuild for 64-bit time_t and frame pointers. -- Julian Andres Klode <email address hidden> Mon, 08 Apr 2024 18:03:23 +0200
Available diffs
Superseded in noble-release |
Published in mantic-release |
Published in lunar-release |
Obsolete in kinetic-release |
Published in jammy-release |
Deleted in jammy-proposed (Reason: Moved to jammy) |
libexif (0.6.24-1build1) jammy; urgency=high * No change rebuild for ppc64el baseline bump. -- Julian Andres Klode <email address hidden> Thu, 24 Mar 2022 13:11:45 +0100
Available diffs
- diff from 0.6.24-1 (in Debian) to 0.6.24-1build1 (585 bytes)
libexif (0.6.24-1) unstable; urgency=medium * New upstream version 0.6.24: - Regression in exif_data_load_data fixed; EXIF in JPEG data loads again. - Many Canon tag names decoded. - "Persistent" AFL fuzzer added to code samples. - Translation updates. * debian/copyright: Update for libexif 0.6.24. * Install the upstream documentation and examples in libexif-dev but package the files in libexif-doc (as preferred by Debian Policy section 12.3). * Upstream README and NEWS files are now only installed in libexif-dev. * Delete debian/README.source. -- Hugh McMaster <email address hidden> Sun, 05 Dec 2021 16:28:31 +1100
Available diffs
- diff from 0.6.23-1 to 0.6.24-1 (172.3 KiB)
Superseded in jammy-release |
Deleted in jammy-proposed (Reason: Moved to jammy) |
Deleted in impish-proposed (Reason: Moved ot jammy) |
libexif (0.6.22-3build1) impish; urgency=medium * No-change rebuild to build packages with zstd compression. -- Matthias Klose <email address hidden> Thu, 07 Oct 2021 12:15:14 +0200
Available diffs
- diff from 0.6.22-3 (in Debian) to 0.6.22-3build1 (351 bytes)
libexif (0.6.23-1) unstable; urgency=medium * New upstream version: - Support for more Exif 2.3 tags. - Support for Apple iOS MakerNote format. - Default GPS IFD table added. - EXIF_TAG_SENSITIVITY_TYPE decoder added. - Translation updates. - Multiple security fixes. * debian/control: Raise Standards-Version to 4.6.0 (no changes needed). * debian/copyright: Update for libexif 0.6.23. * debian/gbp.conf: Use DEP-14 branch naming. * debian/patches: Drop all patches. Security fixes included in this version. * debian/upstream/metadata: Update ChangeLog URL. * debian/watch: Use string substitutions where possible. -- Hugh McMaster <email address hidden> Sun, 26 Sep 2021 13:28:52 +1000
Available diffs
- diff from 0.6.22-3build1 (in Ubuntu) to 0.6.23-1 (162.7 KiB)
libexif (0.6.22-2ubuntu0.1) groovy-security; urgency=medium * SECURITY UPDATE: Buffer overflow - debian/patches/CVE-2020-0452.patch: fixed a incorrect overflow check that could be optimized away in libexif/exif-entry.c. - CVE-2020-0452 -- <email address hidden> (Leonidas S. Barbosa) Fri, 06 Nov 2020 12:17:28 -0300
Available diffs
libexif (0.6.21-6ubuntu0.4) focal-security; urgency=medium * SECURITY UPDATE: Buffer overflow - debian/patches/CVE-2020-0452.patch: fixed a incorrect overflow check that could be optimized away in libexif/exif-entry.c. - CVE-2020-0452 -- <email address hidden> (Leonidas S. Barbosa) Fri, 06 Nov 2020 12:14:21 -0300
Available diffs
libexif (0.6.21-4ubuntu0.6) bionic-security; urgency=medium * SECURITY UPDATE: Buffer overflow - debian/patches/CVE-2020-0452.patch: fixed a incorrect overflow check that could be optimized away in libexif/exif-entry.c. - CVE-2020-0452 -- <email address hidden> (Leonidas S. Barbosa) Fri, 06 Nov 2020 12:07:28 -0300
Available diffs
libexif (0.6.21-2ubuntu0.6) xenial-security; urgency=medium * SECURITY UPDATE: Buffer overflow - debian/patches/CVE-2020-0452.patch: fixed a incorrect overflow check that could be optimized away in libexif/exif-entry.c. - CVE-2020-0452 -- <email address hidden> (Leonidas S. Barbosa) Fri, 06 Nov 2020 12:02:37 -0300
Available diffs
libexif (0.6.20-2ubuntu0.7) precise-security; urgency=medium * SECURITY UPDATE: Buffer overflow - debian/patches/CVE-2020-0452.patch: fixed a incorrect overflow check that could be optimized away in libexif/exif-entry.c. - CVE-2020-0452 -- <email address hidden> (Leonidas S. Barbosa) Fri, 06 Nov 2020 11:51:01 -0300
Available diffs
Superseded in jammy-release |
Obsolete in impish-release |
Obsolete in hirsute-release |
Deleted in hirsute-proposed (Reason: moved to Release) |
libexif (0.6.22-3) unstable; urgency=medium * Add upstream patch to prevent compiler optimization of a buffer overflow check (fixes CVE-2020-0452). * Add Forwarded: not-needed to cve-2020-0198.patch. -- Hugh McMaster <email address hidden> Fri, 06 Nov 2020 23:01:25 +1100
Available diffs
- diff from 0.6.22-2 to 0.6.22-3 (1.1 KiB)
Superseded in hirsute-release |
Obsolete in groovy-release |
Deleted in groovy-proposed (Reason: moved to Release) |
libexif (0.6.22-2) unstable; urgency=medium * Add upstream patch to fix an unsigned integer overflow in libexif/exif-data.c (CVE-2020-0198) (Closes: #962345). -- Hugh McMaster <email address hidden> Sat, 13 Jun 2020 18:01:44 +1000
Available diffs
- diff from 0.6.22-1 to 0.6.22-2 (1.2 KiB)
libexif (0.6.21-4ubuntu0.5) bionic-security; urgency=medium * SECURITY UPDATE: Out of bounds read - debian/patches/CVE-2020-0093.patch: fix read buffer overflow making sure the number of bytes being copied from does not exceed the source buffer size in libexif/exif-data.c. - CVE-2020-0093 * SECURITY UPDATE: Out of bounds read - debian/patches/CVE-2020-13112.patch: fix MakerNote tag size overflow check for a size overflow while reading tags in libexif/canon/exif-mnote-data-canon.c, libexif/fuji/exif/mnote-data-fuji.c, libexif/olympus/exif-mnote-data-olympus.c, libexif/pentax/exif-mnote-data-pentax.c. - CVE-2020-13112 * SECURITY UPDATE: Possibly crash and potential use-after-free - debian/patches/CVE-2020-13113.patch: ensures that an uninitialized pointer is not dereferenced later in the case where the number of components is 0 in libexif/canon/exif-mnote-data-canon.c, libexif/fuji/exif-mnote-data-fuji.c, libexif/olympus/exif-mnote-data-olympus.c, libexif/pentax/exif-mnote-data-pentax. - CVE-2020-13113 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2020-13114.patch: add a failsafe on the maximum number of Canon MakerNote subtags in libexif/canon/exif-mnote-data-canon.c. - CVE-2020-13114 * SECURITY UPDATE: Out of bounds read - debian/patches/CVE-2020-0182.patch: fix a buffer read overflow in exif_entry_get_value in libexif/exif-entry.c. - CVE-2020-0182 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2020-0198.patch: fix unsigned integer overflow in libexif/exif-data.c. - CVE-2020-0198 -- <email address hidden> (Leonidas S. Barbosa) Mon, 08 Jun 2020 13:31:12 -0300
Available diffs
libexif (0.6.21-6ubuntu0.3) focal-security; urgency=medium * SECURITY UPDATE: Out of bounds read - debian/patches/CVE-2020-0093.patch: fix read buffer overflow making sure the number of bytes being copied from does not exceed the source buffer size in libexif/exif-data.c. - CVE-2020-0093 * SECURITY UPDATE: Out of bounds read - debian/patches/CVE-2020-13112.patch: fix MakerNote tag size overflow check for a size overflow while reading tags in libexif/canon/exif-mnote-data-canon.c, libexif/fuji/exif/mnote-data-fuji.c, libexif/olympus/exif-mnote-data-olympus.c, libexif/pentax/exif-mnote-data-pentax.c. - CVE-2020-13112 * SECURITY UPDATE: Possibly crash and potential use-after-free - debian/patches/CVE-2020-13113.patch: ensures that an uninitialized pointer is not dereferenced later in the case where the number of components is 0 in libexif/canon/exif-mnote-data-canon.c, libexif/fuji/exif-mnote-data-fuji.c, libexif/olympus/exif-mnote-data-olympus.c, libexif/pentax/exif-mnote-data-pentax. - CVE-2020-13113 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2020-13114.patch: add a failsafe on the maximum number of Canon MakerNote subtags in libexif/canon/exif-mnote-data-canon.c. - CVE-2020-13114 * SECURITY UPDATE: Out of bounds read - debian/patches/CVE-2020-0182.patch: fix a buffer read overflow in exif_entry_get_value in libexif/exif-entry.c. - CVE-2020-0182 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2020-0198.patch: fix unsigned integer overflow in libexif/exif-data.c. - CVE-2020-0198 -- <email address hidden> (Leonidas S. Barbosa) Mon, 08 Jun 2020 11:55:38 -0300
Available diffs
libexif (0.6.21-5.1ubuntu0.5) eoan-security; urgency=medium * SECURITY UPDATE: Out of bounds read - debian/patches/CVE-2020-0093.patch: fix read buffer overflow making sure the number of bytes being copied from does not exceed the source buffer size in libexif/exif-data.c. - CVE-2020-0093 * SECURITY UPDATE: Out of bounds read - debian/patches/CVE-2020-13112.patch: fix MakerNote tag size overflow check for a size overflow while reading tags in libexif/canon/exif-mnote-data-canon.c, libexif/fuji/exif/mnote-data-fuji.c, libexif/olympus/exif-mnote-data-olympus.c, libexif/pentax/exif-mnote-data-pentax.c. - CVE-2020-13112 * SECURITY UPDATE: Possibly crash and potential use-after-free - debian/patches/CVE-2020-13113.patch: ensures that an uninitialized pointer is not dereferenced later in the case where the number of components is 0 in libexif/canon/exif-mnote-data-canon.c, libexif/fuji/exif-mnote-data-fuji.c, libexif/olympus/exif-mnote-data-olympus.c, libexif/pentax/exif-mnote-data-pentax. - CVE-2020-13113 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2020-13114.patch: add a failsafe on the maximum number of Canon MakerNote subtags in libexif/canon/exif-mnote-data-canon.c. - CVE-2020-13114 * SECURITY UPDATE: Out of bounds read - debian/patches/CVE-2020-0182.patch: fix a buffer read overflow in exif_entry_get_value in libexif/exif-entry.c. - CVE-2020-0182 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2020-0198.patch: fix unsigned integer overflow in libexif/exif-data.c. - CVE-2020-0198 -- <email address hidden> (Leonidas S. Barbosa) Mon, 08 Jun 2020 12:58:09 -0300
Available diffs
libexif (0.6.21-2ubuntu0.5) xenial-security; urgency=medium * SECURITY UPDATE: Out of bounds read - debian/patches/CVE-2020-0093.patch: fix read buffer overflow making sure the number of bytes being copied from does not exceed the source buffer size in libexif/exif-data.c. - CVE-2020-0093 * SECURITY UPDATE: Out of bounds read - debian/patches/CVE-2020-13112.patch: fix MakerNote tag size overflow check for a size overflow while reading tags in libexif/canon/exif-mnote-data-canon.c, libexif/fuji/exif/mnote-data-fuji.c, libexif/olympus/exif-mnote-data-olympus.c, libexif/pentax/exif-mnote-data-pentax.c. - CVE-2020-13112 * SECURITY UPDATE: Possibly crash and potential use-after-free - debian/patches/CVE-2020-13113.patch: ensures that an uninitialized pointer is not dereferenced later in the case where the number of components is 0 in libexif/canon/exif-mnote-data-canon.c, libexif/fuji/exif-mnote-data-fuji.c, libexif/olympus/exif-mnote-data-olympus.c, libexif/pentax/exif-mnote-data-pentax. - CVE-2020-13113 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2020-13114.patch: add a failsafe on the maximum number of Canon MakerNote subtags in libexif/canon/exif-mnote-data-canon.c. - CVE-2020-13114 * SECURITY UPDATE: Out of bounds read - debian/patches/CVE-2020-0182.patch: fix a buffer read overflow in exif_entry_get_value in libexif/exif-entry.c. - CVE-2020-0182 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2020-0198.patch: fix unsigned integer overflow in libexif/exif-data.c. - CVE-2020-0198 -- <email address hidden> (Leonidas S. Barbosa) Tue, 09 Jun 2020 09:34:38 -0300
Available diffs
libexif (0.6.22-1) unstable; urgency=medium * New upstream version. - Support for certain EXIF 2.3 tags. - Multiple security fixes. - New and updated translations. * debian/copyright: Update for libexif 0.6.22. * debian/patches: Drop all patches. Upstream has fixed all known bugs. * debian/rules: - No longer include /usr/share/dpkg/architecture.mk. - Remove special handling for the 'binary' target. The problematic directory was renamed 'binary-dist' in this version of libexif. * libexif-dev: Install SECURITY.md. * libexif-doc: Drop dependency on libjs-jquery. -- Hugh McMaster <email address hidden> Tue, 02 Jun 2020 22:02:21 +1000
Available diffs
- diff from 0.6.21-9 to 0.6.22-1 (1.2 MiB)
libexif (0.6.21-9) unstable; urgency=medium * Emmanuel Bouthenot has stepped down as an Uploader. - Thank you for maintaining libexif! * Add Hugh McMaster as an Uploader. * Add upstream patches to fix multiple security issues: - cve-2020-13112.patch: Fix MakerNote tag size overflow issues at read time (CVE-2020-13112) (Closes: #961407). - cve-2020-13113.patch: Ensure MakerNote data pointers are NULL-initialized (CVE-2020-13113) (Closes: #961409). - cve-2020-13114.patch: Add a failsafe on the maximum number of Canon MakerNote subtags to catch extremely large values in tags (CVE-2020-13114) (Closes: #961410). * Rebase other patches as needed. -- Hugh McMaster <email address hidden> Thu, 28 May 2020 23:23:33 +1000
Available diffs
- diff from 0.6.21-8 to 0.6.21-9 (5.5 KiB)
libexif (0.6.21-8) unstable; urgency=medium * Team upload. * debian/copyright: - Extend Emmanuel Bouthenot's years of maintenance to 2014. - Add myself to the 'debian' section. * debian/patches/cve-2020-0093.patch: - Prevent a read buffer overflow in exif-data.c (CVE-2020-0093). * libexif-doc: - Do not remove the Doxygen-generated jquery.js file. - Do not symlink jquery.js to the equivalent system file. -- Hugh McMaster <email address hidden> Wed, 20 May 2020 22:30:00 +1000
Available diffs
- diff from 0.6.21-7 to 0.6.21-8 (1.3 KiB)
libexif (0.6.21-7) unstable; urgency=medium * Team upload. * Frederic Peters has stepped down as an Uploader. Thank you for your work! * debian/control: - Use debhelper-compat v13. - Update Uploaders field. * debian/copyright: Add information for files in contrib/examples. * debian/patches/cve-2020-12767.patch: - Prevent some possible divide-by-zero errors in exif-entry.c's exif_entry_get_value() function (CVE-2020-12767) (Closes: #960199). * debian/patches/exif-loader-undefined-behaviour.patch: - Prevent undefined behaviour when left-shifting with type 'int'. * debian/rules: - Use dh_installdocs-indep override instead of dh_installdocs override. - Remove embedded jquery.js file after installing documentation. - Do not install the upstream ChangeLog. * libexif12: Update source paths for documentation files. * libexif-dev: Update source paths for documentation files. * libexif-doc: - Update source paths for documentation files. - Install contrib/example source files. * Add debian/not-installed file. -- Hugh McMaster <email address hidden> Fri, 15 May 2020 23:23:07 +1000
Available diffs
- diff from 0.6.21-6 to 0.6.21-7 (3.3 KiB)
libexif (0.6.21-2ubuntu0.2) xenial-security; urgency=medium * SECURITY UPDATE: Denial of service - debian/patches/CVE-2018-20030.patch: improve deep recursion detection in exif_data_load_data_content in libexif/exif-data.c. - CVE-2018-20030 * SECURITY UPDATE: Divinding by zero vulnerability - debian/patches/CVE-2020-12767.patch: check if d variable is not zeroed before use it in libexif/exif-entry.c - CVE-2020-12767 -- <email address hidden> (Leonidas S. Barbosa) Mon, 11 May 2020 13:13:09 -0300
Available diffs
libexif (0.6.21-4ubuntu0.2) bionic-security; urgency=medium * SECURITY UPDATE: Denial of service - debian/patches/CVE-2018-20030.patch: improve deep recursion detection in exif_data_load_data_content in libexif/exif-data.c. - CVE-2018-20030 * SECURITY UPDATE: Divinding by zero vulnerability - debian/patches/CVE-2020-12767.patch: check if d variable is not zeroed before use it in libexif/exif-entry.c - CVE-2020-12767 -- <email address hidden> (Leonidas S. Barbosa) Mon, 11 May 2020 13:39:03 -0300
Available diffs
libexif (0.6.21-5.1ubuntu0.2) eoan-security; urgency=medium * SECURITY UPDATE: Divinding by zero vulnerability - debian/patches/CVE-2020-12767.patch: check if d variable is not zeroed before use it in libexif/exif-entry.c - CVE-2020-12767 -- <email address hidden> (Leonidas S. Barbosa) Mon, 11 May 2020 13:44:38 -0300
Available diffs
libexif (0.6.21-6ubuntu0.1) focal-security; urgency=medium * SECURITY UPDATE: Divinding by zero vulnerability - debian/patches/CVE-2020-12767.patch: check if d variable is not zeroed before use it in libexif/exif-entry.c - CVE-2020-12767 -- <email address hidden> (Leonidas S. Barbosa) Mon, 11 May 2020 13:50:50 -0300
Available diffs
libexif (0.6.21-5.1ubuntu0.1) eoan-security; urgency=medium * SECURITY UPDATE: Out of bounds write - debian/patches/CVE-2019-9278.patch: avoid the use of unsafe int overflow checking constructs and check for the actual sizes to avoid integer overflows in libexif/exif-data.c. - CVE-2019-9278 -- <email address hidden> (Leonidas S. Barbosa) Tue, 11 Feb 2020 09:28:46 -0300
Available diffs
libexif (0.6.21-4ubuntu0.1) bionic-security; urgency=medium * SECURITY UPDATE: Out of bounds write - debian/patches/CVE-2019-9278.patch: avoid the use of unsafe int overflow checking constructs and check for the actual sizes to avoid integer overflows in libexif/exif-data.c. - CVE-2019-9278 -- <email address hidden> (Leonidas S. Barbosa) Tue, 11 Feb 2020 09:15:03 -0300
Available diffs
libexif (0.6.21-2ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2016-6328.patch: fix int overflow while parsing MNOTE entry data of the input file in libexif/pentax/mnote-pentax-entry.c - CVE-2016-6328 * SECURITY UPDATE: Out-bouns heap read and denial of service - debian/patches/CVE-2017-7544.patch: fixes out-of-bounds heap read in exif_data_save_data_entry function in libexif/exif-data.c. - CVE-2017-7544 * SECURITY UPDATE: Out of bounds write - debian/patches/CVE-2019-9278.patch: avoid the use of unsafe int overflow checking constructs and check for the actual sizes to avoid integer overflows in libexif/exif-data.c. - CVE-2019-9278 -- <email address hidden> (Leonidas S. Barbosa) Tue, 11 Feb 2020 09:10:54 -0300
Available diffs
Superseded in groovy-release |
Published in focal-release |
Deleted in focal-proposed (Reason: moved to Release) |
libexif (0.6.21-6) unstable; urgency=medium * Team upload. * Acknowledge NMU by Salvatore Bonaccorso. * debian/changelog: Remove trailing whitespace. * debian/control: - Build-Depend on debhelper-compat (=12). - Raise Standards-Version to 4.5.0 from 4.1.3 (no changes needed). - Declare Rules-Requires-Root: no. * debian/patches: Add upstream patches by Marcus Meissner: - Avoid the use of unsafe integer overflow checking constructs (CVE-2019-9278) (Closes: #945948). - Avoid implicit behaviour by casting to unsigned int before shifting left. * debian/rules: Do not manually install libexif.pc into a multi-arch libdir. * libexif12.symbols: Specify libexif-dev in the Build-Depends-Package meta-information field. * Add Debian upstream/metadata file. -- Hugh McMaster <email address hidden> Thu, 23 Jan 2020 20:03:01 +1100
Available diffs
- diff from 0.6.21-5.1 to 0.6.21-6 (3.1 KiB)
Superseded in focal-release |
Obsolete in eoan-release |
Obsolete in disco-release |
Deleted in disco-proposed (Reason: moved to release) |
libexif (0.6.21-5.1) unstable; urgency=medium * Non-maintainer upload. * Reduce maximum recursion depth in exif_data_load_data_content * Improve deep recursion detection in exif_data_load_data_content (CVE-2018-20030) (Closes: #918730) -- Salvatore Bonaccorso <email address hidden> Sun, 10 Feb 2019 14:59:33 +0100
Available diffs
- diff from 0.6.21-5 to 0.6.21-5.1 (2.6 KiB)
Superseded in disco-release |
Obsolete in cosmic-release |
Deleted in cosmic-proposed (Reason: moved to release) |
libexif (0.6.21-5) unstable; urgency=medium * Team upload. * debhelper update: - Update package compatibility to level 11. * debian/changelog: - Remove trailing whitespace. * debian/control: - Build-Depend on debhelper version 11. - Raise Standards-Version from 4.1.1 to 4.1.3 (no changes needed). - Update the Homepage field to point to https://libexif.github.io (Closes: #894183). - Update the Vcs fields to point to https://salsa.debian.org. * debian/copyright: - Update the Source URL field to point to https://libexif.github.io. * debian/patches: - Add .patch file extensions to existing patches. - add-am_prog_ar.patch: Add the AM_PROG_AR macro to configure.ac to avoid an automake warning. - ac_lang_source-macro.patch: Use AC_LANG_SOURCE macros to avoid several automake warnings in configure.ac. - fix-size_t-warnings.patch: Cast %u format specifiers to unsigned long to prevent compiler warnings on 32-bit and 64-bit platforms. * debian/rules: - Update dh_installdocs overrides. - Remove '--parallel' (now handled by debhelper >= level 11). * debian/source/options: - Remove from package. Debhelper handles the specified options by default. * debian/watch: - Update to version 4 and switch to upstream's github repository. -- Hugh McMaster <email address hidden> Tue, 03 Apr 2018 22:53:18 +1000
Available diffs
- diff from 0.6.21-4 to 0.6.21-5 (3.9 KiB)
Superseded in cosmic-release |
Published in bionic-release |
Deleted in bionic-proposed (Reason: moved to release) |
libexif (0.6.21-4) unstable; urgency=high * Team upload. * debian/control: - Allow libexif-doc to take ownership of all documentation files previously packaged with libexif-dev (Closes: #880213). - Remove the Replaces field from libexif12 and libexif-dev. * debian/rules: - Include /usr/share/dpkg/architecture.mk. -- Hugh McMaster <email address hidden> Thu, 02 Nov 2017 22:31:00 +1100
Available diffs
- diff from 0.6.21-2.1 to 0.6.21-4 (2.5 KiB)
- diff from 0.6.21-3 to 0.6.21-4 (920 bytes)
libexif (0.6.21-3) unstable; urgency=medium * Team upload. * Import changes from NMU version 0.6.21-2.1. * Introduce libexif-doc: - Move the development documentation from libexif-dev to avoid PNG file conflicts during multi-arch installation. - Update the package's doc-base registration. * debian/control: - Revise package order. - Update package Depends lists. * debian/copyright: - Fix a formatting error. * debian/rules: - Exclude doxygen md5 files from installation during the 'dh_installdocs' phase. * Do not package the AUTHORS file, since all developers are listed in the debian/copyright file. -- Hugh McMaster <email address hidden> Fri, 27 Oct 2017 21:29:37 +1100
Superseded in bionic-release |
Obsolete in artful-release |
Deleted in artful-proposed (Reason: moved to release) |
libexif (0.6.21-2.1) unstable; urgency=medium * Non-maintainer upload. * debhelper update: - Update package compatibility to level 10. * debian/control: - Bump debhelper build-dep to >= 10~. - Remove dh-autoreconf from the Build-Depends list, as debhelper enables the 'autoreconf' sequence by default. - Bump Standards-Version from 3.9.5 to 4.1.1. - Use the https protocol in the Vcs-Browser field. - Update the URI referenced by the Vcs-Git field. - Mark libexif-dev Multi-Arch: same (Closes: #786562). * debian/copyright: - Update the format specification URI. - Remove references to libjpeg/* and configure.in (lintian). - Merge paragraphs referring to the same source file (lintian). * debian/patches: - Add upstream patches to fix CVE-2016-6328 and CVE-2017-7544 (thanks to Marcus Meissner) (Closes: #873022, #876466). * debian/rules: - Add 'hardening=+all' to DEB_BUILD_MAINT_OPTIONS. - Exclude doxygen md5 files from installation (lintian). - Remove '--with autoreconf' (now handled by debhelper level 10). - Fix grammatical errors in a comment. -- Hugh McMaster <email address hidden> Sat, 07 Oct 2017 22:42:00 +1100
Available diffs
- diff from 0.6.21-2 to 0.6.21-2.1 (3.6 KiB)
Superseded in artful-release |
Obsolete in zesty-release |
Obsolete in yakkety-release |
Published in xenial-release |
Obsolete in wily-release |
Obsolete in vivid-release |
Obsolete in utopic-release |
Deleted in utopic-proposed (Reason: moved to release) |
libexif (0.6.21-2) unstable; urgency=medium * Use autoreconf instead of autotools-dev (Closes: #754399) * Bump Standards-Version to 3.9.5 * Add symbols file for libexif12 * Enable parallel building -- Emmanuel Bouthenot <email address hidden> Sun, 24 Aug 2014 21:34:56 +0200
Available diffs
Superseded in utopic-release |
Published in trusty-release |
Deleted in trusty-proposed (Reason: moved to release) |
libexif (0.6.21-1ubuntu1) trusty; urgency=low * Use dh-autoreconf instead of autotools-dev. -- Matthias Klose <email address hidden> Tue, 03 Dec 2013 16:34:40 +0100
Available diffs
Superseded in trusty-release |
Obsolete in saucy-release |
Obsolete in raring-release |
Deleted in raring-proposed (Reason: moved to release) |
libexif (0.6.21-1) unstable; urgency=low * New upstream release * Refresh and remove deprecated patches * Bump Standards-Version to 3.9.4 * Adjust debhelper dependency version to >= 9 -- Emmanuel Bouthenot <email address hidden> Sat, 26 Jan 2013 18:03:12 +0000
Available diffs
- diff from 0.6.20-3 to 0.6.21-1 (565.5 KiB)
libexif (0.6.16-2.1ubuntu0.2) hardy-security; urgency=low * SECURITY UPDATE: denial of service and possible info disclosure via corrupted EXIF_TAG_COPYRIGHT tag (LP: #1024213) - debian/patches/CVE-2012-2812.dpatch: fix reading tags that aren't NUL-terminated in libexif/exif-entry.c. - CVE-2012-2812 * SECURITY UPDATE: denial of service and possible info disclosure via UTF-16 tag (LP: #1024213) - debian/patches/CVE-2012-2813.dpatch: don't read past the end of a tag when converting from UTF-16 in libexif/exif-entry.c. - CVE-2012-2813 * SECURITY UPDATE: denial of service and possible code execution via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2814.dpatch: fix buffer overflows in libexif/exif-entry.c. - CVE-2012-2814 * SECURITY UPDATE: denial of service and possible info disclosure via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2836.dpatch: fix buffer overflows in libexif/exif-data.c - CVE-2012-2836 * SECURITY UPDATE: denial of service via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2837.dpatch: fix some possible division-by-zeros in libexif/olympus/mnote-olympus-entry.c. - CVE-2012-2837 * SECURITY UPDATE: denial of service and possible code execution via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2840.dpatch: fix off-by-one in libexif/exif-utils.c. - CVE-2012-2840 * SECURITY UPDATE: denial of service and possible code execution via incorrect buffer size (LP: #1024213) - debian/patches/CVE-2012-2841.dpatch: validate buffer length in libexif/exif-entry.c. - CVE-2012-2841 -- Marc Deslauriers <email address hidden> Thu, 19 Jul 2012 14:46:59 -0400
Available diffs
libexif (0.6.19-1ubuntu0.1) lucid-security; urgency=low * SECURITY UPDATE: denial of service and possible info disclosure via corrupted EXIF_TAG_COPYRIGHT tag (LP: #1024213) - debian/patches/CVE-2012-2812.patch: fix reading tags that aren't NUL-terminated in libexif/exif-entry.c. - CVE-2012-2812 * SECURITY UPDATE: denial of service and possible info disclosure via UTF-16 tag (LP: #1024213) - debian/patches/CVE-2012-2813.patch: don't read past the end of a tag when converting from UTF-16 in libexif/exif-entry.c. - CVE-2012-2813 * SECURITY UPDATE: denial of service and possible code execution via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2814.patch: fix buffer overflows in libexif/exif-entry.c. - CVE-2012-2814 * SECURITY UPDATE: denial of service and possible info disclosure via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2836.patch: fix buffer overflows in libexif/exif-data.c - CVE-2012-2836 * SECURITY UPDATE: denial of service via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2837.patch: fix some possible division-by-zeros in libexif/olympus/mnote-olympus-entry.c. - CVE-2012-2837 * SECURITY UPDATE: denial of service and possible code execution via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2840.patch: fix off-by-one in libexif/exif-utils.c. - CVE-2012-2840 * SECURITY UPDATE: denial of service and possible code execution via incorrect buffer size (LP: #1024213) - debian/patches/CVE-2012-2841.patch: validate buffer length in libexif/exif-entry.c. - CVE-2012-2841 -- Marc Deslauriers <email address hidden> Thu, 19 Jul 2012 14:16:25 -0400
Available diffs
libexif (0.6.20-2ubuntu0.1) precise-security; urgency=low * SECURITY UPDATE: denial of service and possible info disclosure via corrupted EXIF_TAG_COPYRIGHT tag (LP: #1024213) - debian/patches/CVE-2012-2812.patch: fix reading tags that aren't NUL-terminated in libexif/exif-entry.c. - CVE-2012-2812 * SECURITY UPDATE: denial of service and possible info disclosure via UTF-16 tag (LP: #1024213) - debian/patches/CVE-2012-2813.patch: don't read past the end of a tag when converting from UTF-16 in libexif/exif-entry.c. - CVE-2012-2813 * SECURITY UPDATE: denial of service and possible code execution via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2814.patch: fix buffer overflows in libexif/exif-entry.c. - CVE-2012-2814 * SECURITY UPDATE: denial of service and possible info disclosure via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2836.patch: fix buffer overflows in libexif/exif-data.c - CVE-2012-2836 * SECURITY UPDATE: denial of service via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2837.patch: fix some possible division-by-zeros in libexif/olympus/mnote-olympus-entry.c. - CVE-2012-2837 * SECURITY UPDATE: denial of service and possible code execution via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2840.patch: fix off-by-one in libexif/exif-utils.c. - CVE-2012-2840 * SECURITY UPDATE: denial of service and possible code execution via incorrect buffer size (LP: #1024213) - debian/patches/CVE-2012-2841.patch: validate buffer length in libexif/exif-entry.c. - CVE-2012-2841 -- Marc Deslauriers <email address hidden> Thu, 19 Jul 2012 13:18:43 -0400
Available diffs
libexif (0.6.20-0ubuntu1.1) natty-security; urgency=low * SECURITY UPDATE: denial of service and possible info disclosure via corrupted EXIF_TAG_COPYRIGHT tag (LP: #1024213) - debian/patches/CVE-2012-2812.patch: fix reading tags that aren't NUL-terminated in libexif/exif-entry.c. - CVE-2012-2812 * SECURITY UPDATE: denial of service and possible info disclosure via UTF-16 tag (LP: #1024213) - debian/patches/CVE-2012-2813.patch: don't read past the end of a tag when converting from UTF-16 in libexif/exif-entry.c. - CVE-2012-2813 * SECURITY UPDATE: denial of service and possible code execution via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2814.patch: fix buffer overflows in libexif/exif-entry.c. - CVE-2012-2814 * SECURITY UPDATE: denial of service and possible info disclosure via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2836.patch: fix buffer overflows in libexif/exif-data.c - CVE-2012-2836 * SECURITY UPDATE: denial of service via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2837.patch: fix some possible division-by-zeros in libexif/olympus/mnote-olympus-entry.c. - CVE-2012-2837 * SECURITY UPDATE: denial of service and possible code execution via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2840.patch: fix off-by-one in libexif/exif-utils.c. - CVE-2012-2840 * SECURITY UPDATE: denial of service and possible code execution via incorrect buffer size (LP: #1024213) - debian/patches/CVE-2012-2841.patch: validate buffer length in libexif/exif-entry.c. - CVE-2012-2841 -- Marc Deslauriers <email address hidden> Thu, 19 Jul 2012 13:46:27 -0400
Available diffs
libexif (0.6.20-1ubuntu0.1) oneiric-security; urgency=low * SECURITY UPDATE: denial of service and possible info disclosure via corrupted EXIF_TAG_COPYRIGHT tag (LP: #1024213) - debian/patches/CVE-2012-2812.patch: fix reading tags that aren't NUL-terminated in libexif/exif-entry.c. - CVE-2012-2812 * SECURITY UPDATE: denial of service and possible info disclosure via UTF-16 tag (LP: #1024213) - debian/patches/CVE-2012-2813.patch: don't read past the end of a tag when converting from UTF-16 in libexif/exif-entry.c. - CVE-2012-2813 * SECURITY UPDATE: denial of service and possible code execution via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2814.patch: fix buffer overflows in libexif/exif-entry.c. - CVE-2012-2814 * SECURITY UPDATE: denial of service and possible info disclosure via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2836.patch: fix buffer overflows in libexif/exif-data.c - CVE-2012-2836 * SECURITY UPDATE: denial of service via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2837.patch: fix some possible division-by-zeros in libexif/olympus/mnote-olympus-entry.c. - CVE-2012-2837 * SECURITY UPDATE: denial of service and possible code execution via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2840.patch: fix off-by-one in libexif/exif-utils.c. - CVE-2012-2840 * SECURITY UPDATE: denial of service and possible code execution via incorrect buffer size (LP: #1024213) - debian/patches/CVE-2012-2841.patch: validate buffer length in libexif/exif-entry.c. - CVE-2012-2841 -- Marc Deslauriers <email address hidden> Thu, 19 Jul 2012 13:44:45 -0400
Available diffs
libexif (0.6.20-3) unstable; urgency=high * Add patches to fix multiples security issues: CVE-2012-2814, CVE-2012-2840, CVE-2012-2813, CVE-2012-2812, CVE-2012-2841, CVE-2012-2836, CVE-2012-2837 (Closes: #681454). -- Emmanuel Bouthenot <email address hidden> Tue, 17 Jul 2012 19:05:20 +0000
Available diffs
- diff from 0.6.20-2 to 0.6.20-3 (5.7 KiB)
libexif (0.6.20-2) unstable; urgency=low [ Kees Cook ] * debian/copyright: fix empty lines in multi-line section, add missing intended "license" lines, add missing BSD license for pt_BR.po. * debian/libexif-dev.install: - use multiple lines instead of technically unsupported {}. - remove .la file, per release goal; there are no build dep using it. * debian/{control,compat,*.install,rules}: build for Multi-Arch support (Closes: #650998) [ Emmanuel Bouthenot ] * Bump Standards-Version to 3.9.2 * Remove DMUA field (no more needed) * Update debian/rules to enable usage of autotools_dev sequence with debhelper * Switch debhelper compatibility to 9 * Update Vcs-Git and Vcs-Browser fields -- Emmanuel Bouthenot <email address hidden> Fri, 27 Jan 2012 20:34:17 +0000
Available diffs
Superseded in precise-release |
libexif (0.6.20-1ubuntu1) precise; urgency=low * Build for multiarch. Closes: #650998. -- Steve Langasek <email address hidden> Mon, 05 Dec 2011 22:15:28 -0800
Available diffs
- diff from 0.6.20-1 to 0.6.20-1ubuntu1 (1.2 KiB)
libexif (0.6.20-1) unstable; urgency=low * New upstream release * debian/copyright: - updates (huge backlog) - switch to DEP5 format * Refresh patches and convert them to DEP3 format * Switch to dpkg-source 3.0 (quilt) format * Update uploader email (me) * Bump Standards-Version to 3.9.1 * Add a patch to support new Canon camera. Thanks to Adrian von Bidder for the patch. Rest In Peace Adrian. (Closes: #617764). -- Rico Tzschichholz <email address hidden> Tue, 17 May 2011 12:04:01 +0000
Available diffs
- diff from 0.6.20-0ubuntu1 to 0.6.20-1 (4.4 KiB)
libexif (0.6.20-0ubuntu1) natty; urgency=low * New upstream release. -- Robert Ancell <email address hidden> Wed, 06 Apr 2011 17:37:38 +1000
Available diffs
- diff from 0.6.19-1 to 0.6.20-0ubuntu1 (547.5 KiB)
libexif (0.6.19-1) unstable; urgency=high * New upstream release - fix CVE-2009-3895: heap buffer overflow during tag format conversion (Closes: #557137) -- Ubuntu Archive Auto-Sync <email address hidden> Wed, 25 Nov 2009 12:40:19 +0000
Available diffs
- diff from 0.6.18-1 to 0.6.19-1 (653.4 KiB)
libexif (0.6.18-1) unstable; urgency=low * New upstream release * Clean and minify the build process (using dh7 overrides) * Bump Standards-Version to 3.8.3. * Add README.source file. * Add doc-base file for libexif API documentation. -- Ubuntu Archive Auto-Sync <email address hidden> Thu, 05 Nov 2009 11:43:14 +0000
Available diffs
- diff from 0.6.17-1 to 0.6.18-1 (953.9 KiB)
libexif (0.6.17-1) unstable; urgency=low * Adopt the package within pkg-phototools: - Set the Maintainer to the group - Add Frederic Peters and myself as Uploaders. - Add Vcs-Browser and Vcs-Git fields accordingly. * New upstream release: - remove patches merged upsteam: + 30_olympus_makernote.dpatch + 40_crash_looking_up_invalid_values.dpatch + 50_relibtoolize.dpatch + CVE-2007-6351.dpatch + CVE-2007-6352.dpatch - convert existing patches from dpatch to quilt. - Fix a bug while reading exif datas in some cases (Closes: #447907) * Switch packaging to debhelper 7 * Update debian/control: - Drop duplicate section field for exif12 - Bump Standards-Version to 3.8.1 - Replace deprecated ${Source-Version} by ${binary:Version} - Enhance libexif-dev long description. - Add homepage field. - Add DM-Upload-Allowed field. * Force remove of files not fully cleaned * Remove empty doc files in libexif-dev. * Update debian/copyright. -- Alessio Treglia <email address hidden> Mon, 01 Jun 2009 16:47:34 +0100
Available diffs
- diff from 0.6.16-2.1ubuntu1 to 0.6.17-1 (510.8 KiB)
libexif (0.6.16-2.1ubuntu0.1) hardy-proposed; urgency=low * Fix reading Olympus EXIF tags (LP: #98851) patch from upstream CVS Aug 16 2007 -- Sam Tygier <email address hidden> Thu, 09 Oct 2008 11:45:51 +0100
Available diffs
libexif (0.6.16-2.1ubuntu1) intrepid; urgency=low * Fix reading Olympus EXIF tags (LP: #98851) patch from upstream CVS Aug 16 2007 -- Sam Tygier <email address hidden> Thu, 09 Oct 2008 11:45:51 +0100
Available diffs
libexif (0.6.12-2ubuntu0.3) dapper-security; urgency=low * SECURITY UPDATE: arbitrary code execution via exif reading/writing. - libexif/exif-{loader,data}.c: upstream fixes, thanks to Nico Golde. - libexif/exif-data.c: upstream anti-crash fixes, thanks to Moritz Muehlenhoff. - CVE-2007-6351 CVE-2007-6352 -- Kees Cook <email address hidden> Tue, 14 Oct 2008 11:56:13 -0700
Available diffs
libexif (0.6.13-5ubuntu0.3) feisty-security; urgency=low * SECURITY UPDATE: arbitrary code execution via exif reading/writing. - libexif/exif-{loader,data}.c: upstream fixes, thanks to Nico Golde. - libexif/exif-data.c: upstream anti-crash fixes, thanks to Moritz Muehlenhoff. - CVE-2007-6351 CVE-2007-6352 -- Kees Cook <email address hidden> Tue, 14 Oct 2008 11:53:36 -0700
Available diffs
libexif (0.6.16-1ubuntu0.1) gutsy-security; urgency=low * SECURITY UPDATE: arbitrary code execution via exif reading/writing. - Add CVE-2007-635[12].dpatch: upstream fixes, thanks to Nico Golde. - CVE-2007-6351 CVE-2007-6352 -- Kees Cook <email address hidden> Tue, 14 Oct 2008 11:49:38 -0700
Available diffs
- diff from 0.6.16-1 to 0.6.16-1ubuntu0.1 (1.2 KiB)
libexif (0.6.16-2.1) unstable; urgency=high * Non-maintainer upload by security team. * This update addresses the following security issues: - possible denial of service attack via crafted image file leading to an infinite recursion in the exif-loader.c (CVE-2007-6351; Closes: #457330). - integer overflow in exif-data.c triggered by a crafted image file could lead to arbitrary code execution (CVE-2007-6352; Closes: #457330). -- Michael Bienia <email address hidden> Fri, 04 Jan 2008 09:56:33 +0000
libexif (0.6.16-2) unstable; urgency=low * debian/libexif12.docs: added README file (closes: #434773) -- Ubuntu Archive Auto-Sync <email address hidden> Tue, 23 Oct 2007 17:08:07 +0100
libexif (0.6.13-5ubuntu0.2) feisty-security; urgency=low * SECURITY UPDATE: arbitrary code execution via crafted EXIF data. * libexif/exif-data.c: upstream fixes applied inline. * References CVE-2006-4168 -- Kees Cook <email address hidden> Thu, 21 Jun 2007 15:42:02 -0700
libexif (0.6.13-4ubuntu0.2) edgy-security; urgency=low * SECURITY UPDATE: arbitrary code execution via crafted EXIF data. * libexif/exif-data.c: upstream fixes applied inline. * References CVE-2006-4168 -- Kees Cook <email address hidden> Thu, 21 Jun 2007 15:42:02 -0700
libexif (0.6.12-2ubuntu0.2) dapper-security; urgency=low * SECURITY UPDATE: arbitrary code execution via crafted EXIF data. * libexif/exif-data.c: upstream fixes applied inline. * References CVE-2006-4168 -- Kees Cook <email address hidden> Thu, 21 Jun 2007 15:42:02 -0700
libexif (0.6.16-1) unstable; urgency=high * New upstream release, with security fix: * Integer overflow in the exif_data_load_data_entry (CVE-2006-4168) (closes: #430012) -- Ubuntu Archive Auto-Sync <email address hidden> Fri, 22 Jun 2007 09:45:51 +0100
Superseded in feisty-security |
libexif (0.6.13-5ubuntu0.1) feisty-security; urgency=low * SECURITY UPDATE: arbitrary code execution via crafted EXIF data. * libexif/exif-data.c: upstream fixes applied inline. * References CVE-2007-2645 -- Kees Cook <email address hidden> Mon, 11 Jun 2007 11:22:06 -0700
Superseded in edgy-security |
libexif (0.6.13-4ubuntu0.1) edgy-security; urgency=low * SECURITY UPDATE: arbitrary code execution via crafted EXIF data. * libexif/exif-data.c: upstream fixes applied inline. * References CVE-2007-2645 -- Kees Cook <email address hidden> Mon, 11 Jun 2007 11:24:50 -0700
Superseded in dapper-security |
libexif (0.6.12-2ubuntu0.1) dapper-security; urgency=low * SECURITY UPDATE: arbitrary code execution via crafted EXIF data. * libexif/exif-data.c: upstream fixes applied inline. * References CVE-2007-2645 -- Kees Cook <email address hidden> Mon, 11 Jun 2007 11:23:32 -0700
libexif (0.6.15-1) unstable; urgency=high * New upstream release, with security fixes: * Integer overflow in the exif_data_load_data_entry (CVE-2007-2645) (closes: #424775) * Don't dereference NULL (CID 4) (no assigned CVE) * Don't parse Makernote when there is not enough data for (makernote-irelevant) IFD1 (no assigned CVE) * debian/patches/30_olympus_makernote.dpatch: merged upstream * debian/patches/40_crash_looking_up_invalid_values.dpatch: merged upstream * debian/patches/50_relibtoolize.dpatch: run libtoolize on sources -- Ubuntu Archive Auto-Sync <email address hidden> Wed, 30 May 2007 07:31:40 +0100
libexif (0.6.13-6) unstable; urgency=low * debian/control: added build-depends on dpatch * debian/rules: use dpatch * debian/patches/10_pkg_config_header_dir.dpatch: patch from 0.6.13-4 * debian/patches/20_extra_colorspace_check.dpatch: patch from 0.6.13-5 * debian/patches/30_olympus_makernote.dpatch: added support for Olympus S760 & S770 makernote (closes: #418945) * debian/patches/40_crash_looking_up_invalid_values.dpatch: backport of "fixed crashes when looking up invalid values (upstream #1457501)". -- Ubuntu Archive Auto-Sync <email address hidden> Wed, 09 May 2007 13:59:59 +0100
libexif (0.6.13-5build1) feisty; urgency=low * Rebuild for changes in the amd64 toolchain. -- Matthias Klose <email address hidden> Mon, 5 Mar 2007 01:20:12 +0000
libexif (0.6.13-5) unstable; urgency=low * libexif/exif-entry.c: added extra check against value read for color space (closes: #398426) (this is not from upstream but upstream is said to have this fixed as well, couldn't find how) -- Ubuntu Archive Auto-Sync <email address hidden> Wed, 22 Nov 2006 11:28:45 +0000
libexif (0.6.13-4) unstable; urgency=low * libexif/libexif.pc.in: fixed CFLAGS, so include dir is correctly set. (closes: #356567)
Superseded in edgy-release |
Obsolete in dapper-release |
Superseded in dapper-release |
Obsolete in breezy-release |
libexif (0.6.12-2) unstable; urgency=low * libexif/exif-data.c: backported fix from CVS (revision 1.68) (closes: #318662) -- Frederic Peters <email address hidden> Sun, 17 Jul 2005 02:49:46 +0200
Obsolete in hoary-release |
libexif (0.6.9-4ubuntu1) hoary; urgency=low * SECURITY UPDATE: Fix buffer overflow. * libexif/exif-data.c: Add buffer size checks in several places before trying to access it. * Thanks to Sylvain Defresne for spotting this and the patch. * References: https://bugzilla.ubuntulinux.org/show_bug.cgi?id=7152 -- Martin Pitt <email address hidden> Mon, 7 Mar 2005 17:43:08 +0100
libexif (0.6.9-1ubuntu0.1) warty-security; urgency=low * SECURITY UPDATE: Fix buffer overflow. * libexif/exif-data.c: Add buffer size checks in several places before trying to access it. * Thanks to Sylvain Defresne for spotting this and the patch. * References: https://bugzilla.ubuntulinux.org/show_bug.cgi?id=7152 -- Martin Pitt <email address hidden> Mon, 7 Mar 2005 17:55:11 +0100
libexif (0.6.9-1) unstable; urgency=low * New upstream release. -- christophe barbe <email address hidden> Fri, 28 May 2004 16:15:19 -0400
1 → 72 of 72 results | First • Previous • Next • Last |