UbuntuUpdates.org

Package "libexif-doc"

Name: libexif-doc

Description:

library to parse EXIF files (documentation)

Latest version: 0.6.24-1ubuntu0.24.04.1
Release: noble (24.04)
Level: security
Repository: main
Head package: libexif
Homepage: https://libexif.github.io/

Links


Download "libexif-doc"


Other versions of "libexif-doc" in Noble

Repository Area Version
base main 0.6.24-1build2
updates main 0.6.24-1ubuntu0.24.04.1

Changelog

Version: 0.6.24-1ubuntu0.24.04.1 2026-07-13 14:10:40 UTC

  libexif (0.6.24-1ubuntu0.24.04.1) noble-security; urgency=medium

  * SECURITY UPDATE: integer overflow when decoding MakerNotes
    - debian/patches/CVE-2026-32775.patch: check maxlen to be at least 1 in
      libexif/apple/mnote-apple-entry.c, libexif/canon/mnote-canon-entry.c,
      libexif/fuji/mnote-fuji-entry.c, libexif/olympus/mnote-olympus-entry.c,
      libexif/pentax/mnote-pentax-entry.c.
    - CVE-2026-32775
  * SECURITY UPDATE: 32bit integer overflow in Nikon MakerNote handling
    - debian/patches/CVE-2026-40385.patch: Avoid overflow on 32bit system when
      reading Nikon MakerNotes in libexif/olympus/exif-mnote-data-olympus.c.
    - CVE-2026-40385
  * SECURITY UPDATE: integer underflow in size checking for Fuji and Olympus
    MakerNote decoding
    - debian/patches/CVE-2026-40386.patch: fixed 2 unsigned integer underflows
      in libexif/fuji/exif-mnote-data-fuji.c, libexif/olympus/exif-mnote-data-
      olympus.c.
    - CVE-2026-40386

 -- Marc Deslauriers <email address hidden> Tue, 07 Jul 2026 10:36:26 -0400

CVE-2026-32775 libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exif_mnote_data_get_value function gets passed in a 0 size, the passed in-buffer wou
CVE-2026-40385 In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or inform
CVE-2026-40386 In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak



About   -   Send Feedback to @ubuntu_updates