Format: 1.8 Date: Wed, 24 May 2023 14:17:45 +0300 Source: jhead Binary: jhead Built-For-Profiles: noudeb Architecture: amd64 Version: 1:3.06.0.1-2ubuntu0.22.10.1 Distribution: kinetic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: George-Andrei Iosif Description: jhead - manipulate the non-image part of Exif compliant JPEG files Changes: jhead (1:3.06.0.1-2ubuntu0.22.10.1) kinetic-security; urgency=medium . * SECURITY UPDATE: heap buffer overflow while rotating an image - debian/patches/CVE-2021-34055.patch: If a read EXIF section in jpgfile.c, then discard it. - CVE-2021-34055 * SECURITY UPDATE: code execution when regenerating the Exif thumbnail - debian/patches/CVE-2022-41751.patch: Adds a check in jhead.c for dangerous characters in filenames. - CVE-2022-41751 Checksums-Sha1: 53f10d799fda916dd0e8d0d453d9aa1ff4b99652 72872 jhead-dbgsym_3.06.0.1-2ubuntu0.22.10.1_amd64.ddeb 3be009a849f92e4b83db6412e7613ff8449b8ed0 6355 jhead_3.06.0.1-2ubuntu0.22.10.1_amd64.buildinfo 5fae64d6d4d35ac030efd22762082f124dbc1f9d 51538 jhead_3.06.0.1-2ubuntu0.22.10.1_amd64.deb Checksums-Sha256: bfe81a728fc3c8e92658e5a1080e1638a66ceeb97ee760d120c1f7fe5a6fdbe7 72872 jhead-dbgsym_3.06.0.1-2ubuntu0.22.10.1_amd64.ddeb b447d1b57140cf2caa15f22895e11abda387ec51293210968558e66fd5fa7066 6355 jhead_3.06.0.1-2ubuntu0.22.10.1_amd64.buildinfo 93eafc5929726ddf4c1edd952f70c227cd58a834755778e3c6b713333353919e 51538 jhead_3.06.0.1-2ubuntu0.22.10.1_amd64.deb Files: 41126117682568de8294c2c0c0a39a89 72872 debug optional jhead-dbgsym_3.06.0.1-2ubuntu0.22.10.1_amd64.ddeb 0d99e4773e8498dd7ca6806ac4ec2003 6355 graphics optional jhead_3.06.0.1-2ubuntu0.22.10.1_amd64.buildinfo 0455632362fdbe736794867175a74af2 51538 graphics optional jhead_3.06.0.1-2ubuntu0.22.10.1_amd64.deb Original-Maintainer: Joachim Reichel