-
libexif (0.6.21-5.1ubuntu0.5) eoan-security; urgency=medium
* SECURITY UPDATE: Out of bounds read
- debian/patches/CVE-2020-0093.patch: fix read
buffer overflow making sure the number of bytes being
copied from does not exceed the source buffer size in
libexif/exif-data.c.
- CVE-2020-0093
* SECURITY UPDATE: Out of bounds read
- debian/patches/CVE-2020-13112.patch: fix MakerNote tag size
overflow check for a size overflow while reading tags in
libexif/canon/exif-mnote-data-canon.c,
libexif/fuji/exif/mnote-data-fuji.c,
libexif/olympus/exif-mnote-data-olympus.c,
libexif/pentax/exif-mnote-data-pentax.c.
- CVE-2020-13112
* SECURITY UPDATE: Possible crash and potential use-after-free
- debian/patches/CVE-2020-13113.patch: ensures that an uninitialized
pointer is not dereferenced later in the case where the number of
components is 0 in libexif/canon/exif-mnote-data-canon.c,
libexif/fuji/exif-mnote-data-fuji.c,
libexif/olympus/exif-mnote-data-olympus.c,
libexif/pentax/exif-mnote-data-pentax.
- CVE-2020-13113
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2020-13114.patch: add a failsafe on the
maximum number of Canon MakerNote subtags in
libexif/canon/exif-mnote-data-canon.c.
- CVE-2020-13114
* SECURITY UPDATE: Out of bounds read
- debian/patches/CVE-2020-0182.patch: fix a buffer read
overflow in exif_entry_get_value in libexif/exif-entry.c.
- CVE-2020-0182
* SECURITY UPDATE: Integer overflow
- debian/patches/CVE-2020-0198.patch: fix unsigned integer overflow
in libexif/exif-data.c.
- CVE-2020-0198
-- <email address hidden> (Leonidas S. Barbosa) Mon, 08 Jun 2020 12:58:09 -0300
-
libexif (0.6.21-5.1ubuntu0.2) eoan-security; urgency=medium
* SECURITY UPDATE: Dividing by zero vulnerability
- debian/patches/CVE-2020-12767.patch: check if d variable is not zeroed
before using it in libexif/exif-entry.c
- CVE-2020-12767
-- <email address hidden> (Leonidas S. Barbosa) Mon, 11 May 2020 13:44:38 -0300
-
libexif (0.6.21-5.1ubuntu0.1) eoan-security; urgency=medium
* SECURITY UPDATE: Out of bounds write
- debian/patches/CVE-2019-9278.patch: avoid the use of unsafe int overflow
checking constructs and check for the actual sizes to avoid integer
overflows in libexif/exif-data.c.
- CVE-2019-9278
-- <email address hidden> (Leonidas S. Barbosa) Tue, 11 Feb 2020 09:28:46 -0300
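The CVE-2019-9278 entry above mentions replacing unsafe integer-overflow checking constructs with checks against the actual sizes. The following C sketch is an added illustration of that pattern, not code from libexif or from the Ubuntu patch; the function names `range_ok_unsafe`, `range_ok_safe` and `copy_entry` are hypothetical, and the sample values in the comments are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Unsafe construct: the sum offset + size is computed in 32 bits and can
 * wrap around, so a very large attacker-supplied size yields a small sum
 * that passes the comparison. Kept here only to show the failure mode. */
int range_ok_unsafe(uint32_t offset, uint32_t size, uint32_t buf_size)
{
    return (uint32_t)(offset + size) <= buf_size;
}

/* Safe form: compare against the actual sizes. The subtraction
 * buf_size - offset cannot underflow because offset <= buf_size was
 * checked first, and no addition that could wrap is performed. */
int range_ok_safe(uint32_t offset, uint32_t size, uint32_t buf_size)
{
    if (offset > buf_size)
        return 0;
    return size <= buf_size - offset;
}

/* Copy 'size' bytes found at 'offset' in the source buffer into dst.
 * Both the source range and the destination capacity are validated
 * before memcpy. Returns the number of bytes copied, or 0 on rejection
 * (a zero-length request also returns 0 and copies nothing). */
size_t copy_entry(unsigned char *dst, size_t dst_size,
                  const unsigned char *src, uint32_t src_size,
                  uint32_t offset, uint32_t size)
{
    if (!range_ok_safe(offset, size, src_size))
        return 0;               /* source range outside the buffer */
    if (size > dst_size)
        return 0;               /* destination too small */
    memcpy(dst, src + offset, size);
    return size;
}
```

With a 16-byte buffer, offset 8 and size 0xFFFFFFFC, the wrapped sum is 4, so the unsafe check accepts the range while the safe check rejects it.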
-
libexif (0.6.21-5.1) unstable; urgency=medium
* Non-maintainer upload.
* Reduce maximum recursion depth in exif_data_load_data_content
* Improve deep recursion detection in exif_data_load_data_content
(CVE-2018-20030) (Closes: #918730)
-- Salvatore Bonaccorso <email address hidden> Sun, 10 Feb 2019 14:59:33 +0100