Format: 1.8
Date: Thu, 19 Jul 2012 13:44:45 -0400
Source: libexif
Binary: libexif-dev libexif12
Architecture: armel armel_translations
Version: 0.6.20-1ubuntu0.1
Distribution: oneiric
Urgency: low
Maintainer: Ubuntu/armel Build Daemon <buildd@iara.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 libexif-dev - library to parse EXIF files (development files)
 libexif12  - library to parse EXIF files
Launchpad-Bugs-Fixed: 1024213
Changes: 
 libexif (0.6.20-1ubuntu0.1) oneiric-security; urgency=low
 .
   * SECURITY UPDATE: denial of service and possible info disclosure via
     corrupted EXIF_TAG_COPYRIGHT tag (LP: #1024213)
     - debian/patches/CVE-2012-2812.patch: fix reading tags that aren't
       NUL-terminated in libexif/exif-entry.c.
     - CVE-2012-2812
   * SECURITY UPDATE: denial of service and possible info disclosure via
     UTF-16 tag (LP: #1024213)
     - debian/patches/CVE-2012-2813.patch: don't read past the end of a
       tag when converting from UTF-16 in libexif/exif-entry.c.
     - CVE-2012-2813
   * SECURITY UPDATE: denial of service and possible code execution via
     crafted tags (LP: #1024213)
     - debian/patches/CVE-2012-2814.patch: fix buffer overflows in
       libexif/exif-entry.c.
     - CVE-2012-2814
   * SECURITY UPDATE: denial of service and possible info disclosure via
     crafted tags (LP: #1024213)
     - debian/patches/CVE-2012-2836.patch: fix buffer overflows in
       libexif/exif-data.c
     - CVE-2012-2836
   * SECURITY UPDATE: denial of service via crafted tags (LP: #1024213)
     - debian/patches/CVE-2012-2837.patch: fix some possible
       division-by-zeros in libexif/olympus/mnote-olympus-entry.c.
     - CVE-2012-2837
   * SECURITY UPDATE: denial of service and possible code execution via
     crafted tags (LP: #1024213)
     - debian/patches/CVE-2012-2840.patch: fix off-by-one in
       libexif/exif-utils.c.
     - CVE-2012-2840
   * SECURITY UPDATE: denial of service and possible code execution via
     incorrect buffer size (LP: #1024213)
     - debian/patches/CVE-2012-2841.patch: validate buffer length in
       libexif/exif-entry.c.
     - CVE-2012-2841
Checksums-Sha1: 
 1762085918e7198d469caa90894bfbf52bb6c85c 324928 libexif-dev_0.6.20-1ubuntu0.1_armel.deb
 a7def6ba41633f1100509db92a5c4e6f9c702e9f 79500 libexif12_0.6.20-1ubuntu0.1_armel.deb
 c4021be569c50f0f5f573556e7be4e8fd9e7c013 1198614 libexif_0.6.20-1ubuntu0.1_armel_translations.tar.gz
Checksums-Sha256: 
 9d01a8fad77f060ddc921ec3c948b949d1545baf04f4a32bee719204eece3006 324928 libexif-dev_0.6.20-1ubuntu0.1_armel.deb
 a18a65c63490ce57aafc55eeaaee7459a3560f5e80c1048a7f3ea20125aba2d3 79500 libexif12_0.6.20-1ubuntu0.1_armel.deb
 bd607b1237ea723e12a6050d9e23c2253ef843c4361f0e5b23968b18c73a42e8 1198614 libexif_0.6.20-1ubuntu0.1_armel_translations.tar.gz
Files: 
 9d1c1fa688e37b586525cb99ef9c9fb4 324928 libdevel optional libexif-dev_0.6.20-1ubuntu0.1_armel.deb
 5ca49bd9ab90b50f4249b99f1c452a14 79500 libs optional libexif12_0.6.20-1ubuntu0.1_armel.deb
 665fef1eea2019697c321d0af85f78d5 1198614 raw-translations - libexif_0.6.20-1ubuntu0.1_armel_translations.tar.gz
Original-Maintainer: Debian PhotoTools Maintainers <pkg-phototools-devel@lists.alioth.debian.org>