libexif 0.6.20-2ubuntu0.1 source package in Ubuntu

Changelog

libexif (0.6.20-2ubuntu0.1) precise-security; urgency=low

  * SECURITY UPDATE: denial of service and possible info disclosure via
    corrupted EXIF_TAG_COPYRIGHT tag (LP: #1024213)
    - debian/patches/CVE-2012-2812.patch: fix reading tags that aren't
      NUL-terminated in libexif/exif-entry.c.
    - CVE-2012-2812
  * SECURITY UPDATE: denial of service and possible info disclosure via
    UTF-16 tag (LP: #1024213)
    - debian/patches/CVE-2012-2813.patch: don't read past the end of a
      tag when converting from UTF-16 in libexif/exif-entry.c.
    - CVE-2012-2813
  * SECURITY UPDATE: denial of service and possible code execution via
    crafted tags (LP: #1024213)
    - debian/patches/CVE-2012-2814.patch: fix buffer overflows in
      libexif/exif-entry.c.
    - CVE-2012-2814
  * SECURITY UPDATE: denial of service and possible info disclosure via
    crafted tags (LP: #1024213)
    - debian/patches/CVE-2012-2836.patch: fix buffer overflows in
      libexif/exif-data.c
    - CVE-2012-2836
  * SECURITY UPDATE: denial of service via crafted tags (LP: #1024213)
    - debian/patches/CVE-2012-2837.patch: fix some possible
      division-by-zeros in libexif/olympus/mnote-olympus-entry.c.
    - CVE-2012-2837
  * SECURITY UPDATE: denial of service and possible code execution via
    crafted tags (LP: #1024213)
    - debian/patches/CVE-2012-2840.patch: fix off-by-one in
      libexif/exif-utils.c.
    - CVE-2012-2840
  * SECURITY UPDATE: denial of service and possible code execution via
    incorrect buffer size (LP: #1024213)
    - debian/patches/CVE-2012-2841.patch: validate buffer length in
      libexif/exif-entry.c.
    - CVE-2012-2841
 -- Marc Deslauriers <email address hidden>   Thu, 19 Jul 2012 13:18:43 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2012-07-19
Uploaded to:
Precise
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
libs
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Precise updates on 2012-07-23 main libs
Precise security on 2012-07-23 main libs

Downloads

File Size SHA-256 Checksum
libexif_0.6.20.orig.tar.gz 1.9 MiB d8f437d479dd7172167562d0cbc6b362b7a70166f5989a33995adba082e9204f
libexif_0.6.20-2ubuntu0.1.debian.tar.gz 14.1 KiB e7adc02811565492f7bc68bf0e3bfe27d59b86e679ef6922046e6919887acdb2
libexif_0.6.20-2ubuntu0.1.dsc 2.1 KiB e6a8908b5b152eaced7ec6ef5219b891f7a18e8fd3c6d6b17ed1fe1f463ff7ef

View changes file

Binary packages built by this source

libexif-dev: library to parse EXIF files (development files)

 Most digital cameras produce EXIF files, which are JPEG files with
 extra tags that contain information about the image. The EXIF library
 allows you to parse an EXIF file and read the data from those tags.
 .
 This package contains the development files.

libexif12: library to parse EXIF files

 Most digital cameras produce EXIF files, which are JPEG files with
 extra tags that contain information about the image. The EXIF library
 allows you to parse an EXIF file and read the data from those tags.