libexif 0.6.21-6ubuntu0.3 source package in Ubuntu
Changelog
libexif (0.6.21-6ubuntu0.3) focal-security; urgency=medium
* SECURITY UPDATE: Out of bounds read
- debian/patches/CVE-2020-0093.patch: fix read
buffer overflow making sure the number of bytes being
copied from does not exceed the source buffer size in
libexif/exif-data.c.
- CVE-2020-0093
* SECURITY UPDATE: Out of bounds read
- debian/patches/CVE-2020-13112.patch: fix MakerNote tag size
overflow check for a size overflow while reading tags in
libexif/canon/exif-mnote-data-canon.c,
libexif/fuji/exif/mnote-data-fuji.c,
libexif/olympus/exif-mnote-data-olympus.c,
libexif/pentax/exif-mnote-data-pentax.c.
- CVE-2020-13112
* SECURITY UPDATE: Possibly crash and potential use-after-free
- debian/patches/CVE-2020-13113.patch: ensures that an uninitialized
pointer is not dereferenced later in the case where the number of
components is 0 in libexif/canon/exif-mnote-data-canon.c,
libexif/fuji/exif-mnote-data-fuji.c,
libexif/olympus/exif-mnote-data-olympus.c,
libexif/pentax/exif-mnote-data-pentax.
- CVE-2020-13113
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2020-13114.patch: add a failsafe on the
maximum number of Canon MakerNote subtags in
libexif/canon/exif-mnote-data-canon.c.
- CVE-2020-13114
* SECURITY UPDATE: Out of bounds read
- debian/patches/CVE-2020-0182.patch: fix a buffer read
overflow in exif_entry_get_value in libexif/exif-entry.c.
- CVE-2020-0182
* SECURITY UPDATE: Integer overflow
- debian/patches/CVE-2020-0198.patch: fix unsigned integer overflow
in libexif/exif-data.c.
- CVE-2020-0198
-- <email address hidden> (Leonidas S. Barbosa) Mon, 08 Jun 2020 11:55:38 -0300
Upload details
- Uploaded by:
- Leonidas S. Barbosa
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| libexif_0.6.21.orig.tar.gz | 2.0 MiB | edb7eb13664cf950a6edd132b75e99afe61c5effe2f16494e6d27bc404b287bf |
| libexif_0.6.21-6ubuntu0.3.debian.tar.xz | 18.9 KiB | d07ee308444c60a5dd6f15b1f4937d8164376495514607321437aa22157b2dd1 |
| libexif_0.6.21-6ubuntu0.3.dsc | 2.2 KiB | 71168404b467864bd5c42d90091debcd2ee24f73e8217339365c5717880f0f37 |
Available diffs
Binary packages built by this source
- libexif-dev: library to parse EXIF files (development files)
Most digital cameras produce EXIF files, which are JPEG files with
extra tags that contain information about the image. The EXIF library
allows you to parse an EXIF file and read the data from those tags.
.
This package contains the development files.
- libexif-doc: library to parse EXIF files (documentation)
Most digital cameras produce EXIF files, which are JPEG files with
extra tags that contain information about the image. The EXIF library
allows you to parse an EXIF file and read the data from those tags.
.
This package contains the development documentation.
- libexif12: library to parse EXIF files
Most digital cameras produce EXIF files, which are JPEG files with
extra tags that contain information about the image. The EXIF library
allows you to parse an EXIF file and read the data from those tags.
- libexif12-dbgsym: debug symbols for libexif12
