Format: 1.8
Date: Wed, 10 Jul 2019 15:58:32 -0300
Source: exiv2
Binary: exiv2 libexiv2-14 libexiv2-dev libexiv2-doc libexiv2-dbg
Architecture: ppc64el ppc64el_translations
Version: 0.25-2.1ubuntu16.04.4
Distribution: xenial
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-ppc64el-009.buildd>
Changed-By: Leonidas S. Barbosa <leo.barbosa@canonical.com>
Description:
 exiv2      - EXIF/IPTC/XMP metadata manipulation tool
 libexiv2-14 - EXIF/IPTC/XMP metadata manipulation library
 libexiv2-dbg - EXIF/IPTC/XMP metadata manipulation library - debug
 libexiv2-dev - EXIF/IPTC/XMP metadata manipulation library - development files
 libexiv2-doc - EXIF/IPTC/XMP metadata manipulation library - HTML documentation
Changes:
 exiv2 (0.25-2.1ubuntu16.04.4) xenial-security; urgency=medium
 .
    * SECURITY UPDATE: Integer overflow
      - debian/patches/CVE-2018-19107-19108-*.patch: add port of enforce()
        in src/enforce.hpp, use safe:add for preventing overflows in
        PSD files and enforce length of image resource
        section < file size in src/psdimage.cpp.
      - CVE-2018-19107
      - CVE-2018-19108
    * SECURITY UPDATE: Denial of service
      - debian/patches/CVE-2018-19535-*.patch: fixes in
        PngChunk::readRawProfile in src/pngchunk.cpp.
      - CVE-2018-19535
    * SECURITY UPDATE: Denial of service
      - debian/patches/CVE-2019-13110.patch: avoid integer overflow
        in src/crwimage.cpp.
      - CVE-2019-13110
    * SECURITY UPDATE: Denial of service
      - debian/patches/CVE-2019-13112.patch: add bound check
        on allocation size in src/pngchunk.cpp.
      - CVE-2019-13112
    * SECURITY UPDATE: Denial of service
      - debian/patches/CVE-2019-13113.patch: throw an exception
        if the data location is invalid in src/crwimage.cpp,
        src/crwimage_int.hpp.
      - CVE-2019-13113
    * SECURITY UPDATE: Denial of service
      - debian/patches/CVE-2019-13114.patch: avoid null pointer
        exception due to NULL return from strchr in src/http.cpp.
      - CVE-2019-13114
    * Add error codes from src error in order to support CVE-2018-19535
      - debian/patches/0001-Added-error-codes-from-src-error.cpp-into-an-enumera.patch
Checksums-Sha1:
 6f7714261adbd40efac53aff8d82518ad05a1e39 1226 exiv2-dbgsym_0.25-2.1ubuntu16.04.4_ppc64el.ddeb
 dc102400d22bcf5c9974ff381eff44272b7c9f3a 76584 exiv2_0.25-2.1ubuntu16.04.4_ppc64el.deb
 257e895d50b1c4242927ff6a9f931be1aa2843dc 3568481 exiv2_0.25-2.1ubuntu16.04.4_ppc64el_translations.tar.gz
 b0fd737cfb48cc8ff2b5acec4057c308732de368 1228 libexiv2-14-dbgsym_0.25-2.1ubuntu16.04.4_ppc64el.ddeb
 1c2801d373ed0d196a1516eeda0d83f5e107f296 735922 libexiv2-14_0.25-2.1ubuntu16.04.4_ppc64el.deb
 a85897089e82ffa1c9cee4e5d337723507e16537 6244552 libexiv2-dbg_0.25-2.1ubuntu16.04.4_ppc64el.deb
 4344568bc03db4ab67d5575dec9ad8416607acc8 952 libexiv2-dev-dbgsym_0.25-2.1ubuntu16.04.4_ppc64el.ddeb
 cb0fa24e25a8ff28ebac1274a022f3b6ed553296 1001180 libexiv2-dev_0.25-2.1ubuntu16.04.4_ppc64el.deb
Checksums-Sha256:
 e59701d5637b5c23fd2e4a790a1de13ec3c9c1ee72cb78b0f05e305ca4ca531e 1226 exiv2-dbgsym_0.25-2.1ubuntu16.04.4_ppc64el.ddeb
 fc4d8230109b7d1135c68f14eb65961cb46ffa0b608e6246305e9c63d64ae172 76584 exiv2_0.25-2.1ubuntu16.04.4_ppc64el.deb
 52d45060d2cd2ee9ba7e791ff283437ac0fb9c588e36f8f218a5d5f87ee8f890 3568481 exiv2_0.25-2.1ubuntu16.04.4_ppc64el_translations.tar.gz
 dae92aab498996e7b21b05429e1609437d3834d9f7b54cc90c2a1c63cf87e30d 1228 libexiv2-14-dbgsym_0.25-2.1ubuntu16.04.4_ppc64el.ddeb
 31c124be21f4315c001d9a6393a871418cd224e84a7e8eb40b110abf6a7a7b9e 735922 libexiv2-14_0.25-2.1ubuntu16.04.4_ppc64el.deb
 283ea5cc8316e40941870da5687f208bb3394f50c66a8d8854ea9956a3c4a3c9 6244552 libexiv2-dbg_0.25-2.1ubuntu16.04.4_ppc64el.deb
 253cf88963b36754e2431ad81ceb4ce79755f5c933ef71c74ab7ace2c9a9fb71 952 libexiv2-dev-dbgsym_0.25-2.1ubuntu16.04.4_ppc64el.ddeb
 ec8d81027fc43fa65a31ee3652d608a6b1689c1f7f422b352e153e8a06e72641 1001180 libexiv2-dev_0.25-2.1ubuntu16.04.4_ppc64el.deb
Files:
 3202f22cd174c17b002bbc4c6e100e06 1226 graphics extra exiv2-dbgsym_0.25-2.1ubuntu16.04.4_ppc64el.ddeb
 4733423d3af55d06458f875f699fc141 76584 graphics optional exiv2_0.25-2.1ubuntu16.04.4_ppc64el.deb
 aba4ac3af30ed2a508c8637b7bcd287c 3568481 raw-translations - exiv2_0.25-2.1ubuntu16.04.4_ppc64el_translations.tar.gz
 152eba45e0f2a381d61d5f7ab0a5816c 1228 libs extra libexiv2-14-dbgsym_0.25-2.1ubuntu16.04.4_ppc64el.ddeb
 ce9432a7b442ae3642e3f6076fdd42c2 735922 libs optional libexiv2-14_0.25-2.1ubuntu16.04.4_ppc64el.deb
 406a12b0e3c7d38629c5287c6fc16607 6244552 debug extra libexiv2-dbg_0.25-2.1ubuntu16.04.4_ppc64el.deb
 f59b23f0dcf94bb665c7a48be2087018 952 libdevel extra libexiv2-dev-dbgsym_0.25-2.1ubuntu16.04.4_ppc64el.ddeb
 80b7678b0d41f7b90666d8cc0cb23274 1001180 libdevel optional libexiv2-dev_0.25-2.1ubuntu16.04.4_ppc64el.deb
Original-Maintainer: Debian KDE Extras Team <pkg-kde-extras@lists.alioth.debian.org>