Package "libexif"
Name: |
libexif
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- library to parse EXIF files (development files)
- library to parse EXIF files
|
Latest version: |
0.6.20-2ubuntu0.7 |
Release: |
precise (12.04) |
Level: |
updates |
Repository: |
main |
Links
Other versions of "libexif" in Precise
Packages in group
Deleted packages are displayed in grey.
Changelog
libexif (0.6.20-2ubuntu0.7) precise-security; urgency=medium
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2020-0452.patch: fixed a incorrect overflow check that could be
optimized away in libexif/exif-entry.c.
- CVE-2020-0452
-- <email address hidden> (Leonidas S. Barbosa) Fri, 06 Nov 2020 11:51:01 -0300
|
Source diff to previous version |
|
libexif (0.6.20-2ubuntu0.1) precise-security; urgency=low
* SECURITY UPDATE: denial of service and possible info disclosure via
corrupted EXIF_TAG_COPYRIGHT tag (LP: #1024213)
- debian/patches/CVE-2012-2812.patch: fix reading tags that aren't
NUL-terminated in libexif/exif-entry.c.
- CVE-2012-2812
* SECURITY UPDATE: denial of service and possible info disclosure via
UTF-16 tag (LP: #1024213)
- debian/patches/CVE-2012-2813.patch: don't read past the end of a
tag when converting from UTF-16 in libexif/exif-entry.c.
- CVE-2012-2813
* SECURITY UPDATE: denial of service and possible code execution via
crafted tags (LP: #1024213)
- debian/patches/CVE-2012-2814.patch: fix buffer overflows in
libexif/exif-entry.c.
- CVE-2012-2814
* SECURITY UPDATE: denial of service and possible info disclosure via
crafted tags (LP: #1024213)
- debian/patches/CVE-2012-2836.patch: fix buffer overflows in
libexif/exif-data.c
- CVE-2012-2836
* SECURITY UPDATE: denial of service via crafted tags (LP: #1024213)
- debian/patches/CVE-2012-2837.patch: fix some possible
division-by-zeros in libexif/olympus/mnote-olympus-entry.c.
- CVE-2012-2837
* SECURITY UPDATE: denial of service and possible code execution via
crafted tags (LP: #1024213)
- debian/patches/CVE-2012-2840.patch: fix off-by-one in
libexif/exif-utils.c.
- CVE-2012-2840
* SECURITY UPDATE: denial of service and possible code execution via
incorrect buffer size (LP: #1024213)
- debian/patches/CVE-2012-2841.patch: validate buffer length in
libexif/exif-entry.c.
- CVE-2012-2841
-- Marc Deslauriers <email address hidden> Thu, 19 Jul 2012 13:18:43 -0400
|
1024213 |
libexif 0.6.21 and exif 0.6.21 were released to fix various overflows and related issues. |
CVE-2012-2812 |
The exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denia |
CVE-2012-2813 |
The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a |
CVE-2012-2814 |
Buffer overflow in the exif_entry_format_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 allows remote attackers t |
CVE-2012-2836 |
The exif_data_load_data function in exif-data.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial |
CVE-2012-2837 |
The mnote_olympus_entry_get_value function in olympus/mnote-olympus-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote |
CVE-2012-2840 |
Off-by-one error in the exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote |
CVE-2012-2841 |
Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote attacke |
|
About
-
Send Feedback to @ubuntu_updates