Back to libexif PTS page

Accepted libexif 0.6.16-2.1 (source i386)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri, 21 Dec 2007 17:13:58 +0100
Source: libexif
Binary: libexif12 libexif-dev
Architecture: source i386
Version: 0.6.16-2.1
Distribution: unstable
Urgency: high
Maintainer: Frederic Peters <fpeters@debian.org>
Changed-By: Nico Golde <nion@debian.org>
Description: 
 libexif-dev - library to parse EXIF files (development files)
 libexif12  - library to parse EXIF files
Closes: 457330 457330
Changes: 
 libexif (0.6.16-2.1) unstable; urgency=high
 .
   * Non-maintainer upload by security team.
   * This update addresses the following security issues:
     - possible denial of service attack via crafted
       image file leading to an infinite recursion in the
       exif-loader.c (CVE-2007-6351; Closes: #457330).
     - integer overflow in exif-data.c triggered by a crafted
       image file could lead to arbitrary code execution
       (CVE-2007-6352; Closes: #457330).
Files: 
 a22d0350058d240f2fb337c473ebe0fd 615 libs optional libexif_0.6.16-2.1.dsc
 077206efeafbee981b41f5eea67024c7 15103 libs optional libexif_0.6.16-2.1.diff.gz
 d92a74a44d95d55f1d8b44381af7a0de 147904 libdevel optional libexif-dev_0.6.16-2.1_i386.deb
 70683c69cdc384dd6717c88f09557c2e 235592 libs optional libexif12_0.6.16-2.1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHa/CKHYflSXNkfP8RAjnsAKCEGaAjLE940JGa7SX+PlpOEleDxQCcC+qO
M+NaccVuEGJEEZYJfmj3bcI=
=pxdQ
-----END PGP SIGNATURE-----


Accepted:
libexif-dev_0.6.16-2.1_i386.deb
  to pool/main/libe/libexif/libexif-dev_0.6.16-2.1_i386.deb
libexif12_0.6.16-2.1_i386.deb
  to pool/main/libe/libexif/libexif12_0.6.16-2.1_i386.deb
libexif_0.6.16-2.1.diff.gz
  to pool/main/libe/libexif/libexif_0.6.16-2.1.diff.gz
libexif_0.6.16-2.1.dsc
  to pool/main/libe/libexif/libexif_0.6.16-2.1.dsc