libexif (0.6.19-1ubuntu0.1) lucid-security; urgency=low * SECURITY UPDATE: denial of service and possible info disclosure via corrupted EXIF_TAG_COPYRIGHT tag (LP: #1024213) - debian/patches/CVE-2012-2812.patch: fix reading tags that aren't NUL-terminated in libexif/exif-entry.c. - CVE-2012-2812 * SECURITY UPDATE: denial of service and possible info disclosure via UTF-16 tag (LP: #1024213) - debian/patches/CVE-2012-2813.patch: don't read past the end of a tag when converting from UTF-16 in libexif/exif-entry.c. - CVE-2012-2813 * SECURITY UPDATE: denial of service and possible code execution via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2814.patch: fix buffer overflows in libexif/exif-entry.c. - CVE-2012-2814 * SECURITY UPDATE: denial of service and possible info disclosure via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2836.patch: fix buffer overflows in libexif/exif-data.c - CVE-2012-2836 * SECURITY UPDATE: denial of service via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2837.patch: fix some possible division-by-zeros in libexif/olympus/mnote-olympus-entry.c. - CVE-2012-2837 * SECURITY UPDATE: denial of service and possible code execution via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2840.patch: fix off-by-one in libexif/exif-utils.c. - CVE-2012-2840 * SECURITY UPDATE: denial of service and possible code execution via incorrect buffer size (LP: #1024213) - debian/patches/CVE-2012-2841.patch: validate buffer length in libexif/exif-entry.c. - CVE-2012-2841
Date: Thu, 19 Jul 2012 14:16:25 -0400 Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com> Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com> https://launchpad.net/ubuntu/lucid/+source/libexif/0.6.19-1ubuntu0.1
Format: 1.8 Date: Thu, 19 Jul 2012 14:16:25 -0400 Source: libexif Binary: libexif-dev libexif12 Architecture: source Version: 0.6.19-1ubuntu0.1 Distribution: lucid-security Urgency: low Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com> Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com> Description: libexif-dev - library to parse EXIF files (development files) libexif12 - library to parse EXIF files Launchpad-Bugs-Fixed: 1024213 1024213 1024213 1024213 1024213 1024213 1024213 Changes: libexif (0.6.19-1ubuntu0.1) lucid-security; urgency=low . * SECURITY UPDATE: denial of service and possible info disclosure via corrupted EXIF_TAG_COPYRIGHT tag (LP: #1024213) - debian/patches/CVE-2012-2812.patch: fix reading tags that aren't NUL-terminated in libexif/exif-entry.c. - CVE-2012-2812 * SECURITY UPDATE: denial of service and possible info disclosure via UTF-16 tag (LP: #1024213) - debian/patches/CVE-2012-2813.patch: don't read past the end of a tag when converting from UTF-16 in libexif/exif-entry.c. - CVE-2012-2813 * SECURITY UPDATE: denial of service and possible code execution via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2814.patch: fix buffer overflows in libexif/exif-entry.c. - CVE-2012-2814 * SECURITY UPDATE: denial of service and possible info disclosure via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2836.patch: fix buffer overflows in libexif/exif-data.c - CVE-2012-2836 * SECURITY UPDATE: denial of service via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2837.patch: fix some possible division-by-zeros in libexif/olympus/mnote-olympus-entry.c. - CVE-2012-2837 * SECURITY UPDATE: denial of service and possible code execution via crafted tags (LP: #1024213) - debian/patches/CVE-2012-2840.patch: fix off-by-one in libexif/exif-utils.c. - CVE-2012-2840 * SECURITY UPDATE: denial of service and possible code execution via incorrect buffer size (LP: #1024213) - debian/patches/CVE-2012-2841.patch: validate buffer length in libexif/exif-entry.c. - CVE-2012-2841 Checksums-Sha1: 928b7a3daa25d23018082fb6ef40323bb1fced14 2106 libexif_0.6.19-1ubuntu0.1.dsc c6b40957c8356d2888f37fef5dc9692902ca39dc 11011 libexif_0.6.19-1ubuntu0.1.diff.gz Checksums-Sha256: 63221a9757fed036be4f37fd98a33c85235fd29785e602c13d74058ba7830038 2106 libexif_0.6.19-1ubuntu0.1.dsc c5bf2650dbd6af7285dac7910d4ef6157b55645e1d03f8857af27135f79efab4 11011 libexif_0.6.19-1ubuntu0.1.diff.gz Files: ab4bf9c1098cb29fbaa33c41298de775 2106 libs optional libexif_0.6.19-1ubuntu0.1.dsc 3cb23ab79a5d3687154ea14e374abbbd 11011 libs optional libexif_0.6.19-1ubuntu0.1.diff.gz Original-Maintainer: Debian PhotoTools Maintainers <pkg-phototools-de...@lists.alioth.debian.org>
-- Lucid-changes mailing list Lucid-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/lucid-changes