Change logs for jhead source package in Focal
-
jhead (1:3.04-1ubuntu0.2) focal-security; urgency=medium * SECURITY UPDATE: heap buffer overflow while rotating an image - debian/patches/CVE-2021-34055.patch: If a read EXIF section in jpgfile.c, then discard it. - CVE-2021-34055 * SECURITY UPDATE: code execution when regenerating the Exif thumbnail - debian/patches/CVE-2022-41751.patch: Adds a check in jhead.c for dangerous characters in filenames. - CVE-2022-41751 -- George-Andrei Iosif <email address hidden> Wed, 24 May 2023 14:08:36 +0300
-
jhead (1:3.04-1ubuntu0.1) focal-security; urgency=medium * SECURITY UPDATE: heap buffer overflow when processing the DQT markers - debian/patches/CVE-2020-6624.patch: Adds further DQT verifications in jpgqguess.c. - CVE-2020-6624 * SECURITY UPDATE: heap out-of-bounds read when processing longitude tags - debian/patches/CVE-2020-6625.patch: Adds further verifications in gpsinfo.c. - CVE-2020-6625 * SECURITY UPDATE: heap buffer overflow when reading JPEG sections - debian/patches/CVE-2020-26208.patch: Allocates additional 20 bytes in jpgfile.c. - CVE-2020-26208 * SECURITY UPDATE: heap out-of-bounds read when processing Canon images - debian/patches/CVE-2021-28276_28278.patch: Adds further verifications in makernote.c. - CVE-2021-28276 * SECURITY UPDATE: heap buffer overflow when removing a certain type of section - debian/patches/CVE-2021-28276_28278.patch: Adds further verifications while processing nested EXIF directories in exif.c. - CVE-2021-28278 -- George-Andrei Iosif <email address hidden> Wed, 17 May 2023 15:50:56 +0300
-
jhead (1:3.04-1) unstable; urgency=medium * New upstream release * Fix "CVE-2019-19035" in new upstream (Closes: #944961) * d/p/30_spelling: removed, included upstream * d/p/29_reproducible: removed, included upstream * d/p/28_spelling: removed, included upstream * d/p/26_makefile: removed, included upstream * d/p/25_makefile: removed, included upstream * d/p/27_documentation: removed, included upstream * d/p/32_crash_in_gpsinfo: removed, included upstream * d/p/33_fix_908176: removed, included upstream * d/p/34_buffer_overflow: removed, included upstream * d/p/35_fix_alloc_size: removed, fix included upstream * d/p/36_CVE-2019-1010301rm: removed, included upstream * d/p/37_CVE-2019-1010302rm: removed, included upstream * d/control: Standards-Version: 4.2.1 -> 4.3.0. No change needed -- Ludovic Rousseau <email address hidden> Fri, 22 Nov 2019 17:41:30 +0100
-
jhead (1:3.03-3) unstable; urgency=medium * rebuild for source only upload -- Ludovic Rousseau <email address hidden> Sat, 03 Aug 2019 14:53:14 +0200