Accepted libexif 0.6.16-2.1 (source i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 21 Dec 2007 17:13:58 +0100
Source: libexif
Binary: libexif12 libexif-dev
Architecture: source i386
Version: 0.6.16-2.1
Distribution: unstable
Urgency: high
Maintainer: Frederic Peters <fpeters@debian.org>
Changed-By: Nico Golde <nion@debian.org>
Description:
libexif-dev - library to parse EXIF files (development files)
libexif12 - library to parse EXIF files
Closes: 457330 457330
Changes:
libexif (0.6.16-2.1) unstable; urgency=high
.
* Non-maintainer upload by security team.
* This update addresses the following security issues:
- possible denial of service attack via crafted
image file leading to an infinite recursion in the
exif-loader.c (CVE-2007-6351; Closes: #457330).
- integer overflow in exif-data.c triggered by a crafted
image file could lead to arbitrary code execution
(CVE-2007-6352; Closes: #457330).
Files:
a22d0350058d240f2fb337c473ebe0fd 615 libs optional libexif_0.6.16-2.1.dsc
077206efeafbee981b41f5eea67024c7 15103 libs optional libexif_0.6.16-2.1.diff.gz
d92a74a44d95d55f1d8b44381af7a0de 147904 libdevel optional libexif-dev_0.6.16-2.1_i386.deb
70683c69cdc384dd6717c88f09557c2e 235592 libs optional libexif12_0.6.16-2.1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHa/CKHYflSXNkfP8RAjnsAKCEGaAjLE940JGa7SX+PlpOEleDxQCcC+qO
M+NaccVuEGJEEZYJfmj3bcI=
=pxdQ
-----END PGP SIGNATURE-----
Accepted:
libexif-dev_0.6.16-2.1_i386.deb
to pool/main/libe/libexif/libexif-dev_0.6.16-2.1_i386.deb
libexif12_0.6.16-2.1_i386.deb
to pool/main/libe/libexif/libexif12_0.6.16-2.1_i386.deb
libexif_0.6.16-2.1.diff.gz
to pool/main/libe/libexif/libexif_0.6.16-2.1.diff.gz
libexif_0.6.16-2.1.dsc
to pool/main/libe/libexif/libexif_0.6.16-2.1.dsc