Back to exiv2 PTS page

Accepted exiv2 0.24-4.1+deb8u1 (source all) into oldstable

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 27 Jun 2018 08:09:34 -0400
Source: exiv2
Binary: exiv2 libexiv2-13 libexiv2-dev libexiv2-doc libexiv2-dbg
Architecture: source all
Version: 0.24-4.1+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Debian KDE Extras Team <pkg-kde-extras@lists.alioth.debian.org>
Changed-By: Roberto C. Sanchez <roberto@debian.org>
Description:
 exiv2      - EXIF/IPTC metadata manipulation tool
 libexiv2-13 - EXIF/IPTC metadata manipulation library
 libexiv2-dbg - EXIF/IPTC metadata manipulation library - debug
 libexiv2-dev - EXIF/IPTC metadata manipulation library - development files
 libexiv2-doc - EXIF/IPTC metadata manipulation library - HTML documentation
Closes: 901706 901707
Changes:
 exiv2 (0.24-4.1+deb8u1) jessie-security; urgency=high
 .
   * Non-maintainer upload by the LTS Security Team.
   * CVE-2018-10958: denial of service through memory exhaustion and
     application crash by a crafted PNG image.
   * CVE-2018-10999: a heap-based buffer over-read via a crafted PNG image.
   * CVE-2018-10998: denial of service through memory exhaustion and
     application crash by a crafted image.
   * CVE-2018-11531: a heap-based buffer overflow and application crash by a
     crafted image.
   * CVE-2018-12264: integer overflow leading to out of bounds read by a
     crafted image. (Closes: #901707)
   * CVE-2018-12265: integer overflow leading to out of bounds read by a
     crafted image. (Closes: #901706)
Checksums-Sha1:
 f04b80fd2b7346b8b965fbec4a93152de84de824 2295 exiv2_0.24-4.1+deb8u1.dsc
 2f19538e54f8c21c180fa96d17677b7cff7dc1bb 4635028 exiv2_0.24.orig.tar.gz
 3748cf4fb3c265ebb41884de32c790ffbaa10fc2 16484 exiv2_0.24-4.1+deb8u1.debian.tar.xz
 aeacdc61a661f81c31948b7fbde4ce504fd81453 19236196 libexiv2-doc_0.24-4.1+deb8u1_all.deb
Checksums-Sha256:
 b8682edf3036b6e16b470275486e1e10232714fba255534a576e0ac295bb039f 2295 exiv2_0.24-4.1+deb8u1.dsc
 f4a443e6c7fb9d9f5e787732f76969a64c72c4c04af69b10ed57f949c2dfef8e 4635028 exiv2_0.24.orig.tar.gz
 836ea7177f6072364593764eb423d5c9943b34a6d7ff4a113478eb29ea7ebeb1 16484 exiv2_0.24-4.1+deb8u1.debian.tar.xz
 ba40b316654acbbeddc4b608bf2558307d07cdba8b4ce34edac712d7329651ae 19236196 libexiv2-doc_0.24-4.1+deb8u1_all.deb
Files:
 0fdb306cdd377320ebbd53d12297c493 2295 graphics optional exiv2_0.24-4.1+deb8u1.dsc
 b8a23dc56a98ede85c00718a97a8d6fc 4635028 graphics optional exiv2_0.24.orig.tar.gz
 106819a40770aa61564cb2fee6fa34c2 16484 graphics optional exiv2_0.24-4.1+deb8u1.debian.tar.xz
 e99d4d5c78c09041ae55197d5ea43ec7 19236196 doc optional libexiv2-doc_0.24-4.1+deb8u1_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEz9ERzDttUsU/BH8iLNd4Xt2nsg8FAls0ZtwACgkQLNd4Xt2n
sg+tIw//XGl6C9zydmllI5sAheI50M+SskaghqcsoMVVwOhI8CJi4Blo0xZU0E1B
LBfGzOiD1qpsN2ZIGl/gM7jQ0Zdv3ObPrJ6YBic/5c0lGKDLqEQkWK1SmpGtlCkt
cGltRKHntgRxPIWepKbQqRNrOMyw9G2u4RV5rR9MOfGSRPFez6OqshWXNRWwaY5P
1DcPvHLJwW2fqpsrtkgQvjV2C+KDKYbhNNtpxaniF44xawY4M63MTMixZAL6wLMs
eJCRP8mtX6pPVuItDNaXridvel66KKg24lE1/IdTplfNTbCUGRMjuklHaxDmqZaq
TVIdBT+Q6Mg50qwARg7vmT5yfcvLsSyomZ1RsTOIyQZ+iBH/kb/q+rw2RFEj8dZS
2qtMovHTux7z2DJavS0iMuBcWgQeE/fnhiQ/iFZzVwBDkEapByYNAjsOW+bjLF7v
Bzq1A7NqxKllv9AtTFn6uuVqpzpLJW/zlVfRw/BLVtiI74bwvGEHpCrs5R0UYnrv
km1KflazVBKqIM1SmZlcZ5pJxtmpmLvhSylGERlgqJylixz89zR4M/6X89yJwZqT
V9OGatVXVqHqsTUzhXIl56Lm/3O9n9/f+Hi/Kn1TWR75TqsJU1zh0U6d0wtxErMS
/Fdm0dR583Jqf2eQ9ThvUph+R84M0kiF85X0cA51S70uI9YY4+Y=
=f/qw
-----END PGP SIGNATURE-----