Format: 1.8 Date: Mon, 08 Jun 2020 12:58:09 -0300 Source: libexif Binary: libexif-dev libexif12 Architecture: arm64 arm64_translations Version: 0.6.21-5.1ubuntu0.5 Distribution: eoan Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Leonidas S. Barbosa Description: libexif-dev - library to parse EXIF files (development files) libexif12 - library to parse EXIF files Changes: libexif (0.6.21-5.1ubuntu0.5) eoan-security; urgency=medium . * SECURITY UPDATE: Out of bounds read - debian/patches/CVE-2020-0093.patch: fix read buffer overflow making sure the number of bytes being copied from does not exceed the source buffer size in libexif/exif-data.c. - CVE-2020-0093 * SECURITY UPDATE: Out of bounds read - debian/patches/CVE-2020-13112.patch: fix MakerNote tag size overflow check for a size overflow while reading tags in libexif/canon/exif-mnote-data-canon.c, libexif/fuji/exif/mnote-data-fuji.c, libexif/olympus/exif-mnote-data-olympus.c, libexif/pentax/exif-mnote-data-pentax.c. - CVE-2020-13112 * SECURITY UPDATE: Possibly crash and potential use-after-free - debian/patches/CVE-2020-13113.patch: ensures that an uninitialized pointer is not dereferenced later in the case where the number of components is 0 in libexif/canon/exif-mnote-data-canon.c, libexif/fuji/exif-mnote-data-fuji.c, libexif/olympus/exif-mnote-data-olympus.c, libexif/pentax/exif-mnote-data-pentax. - CVE-2020-13113 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2020-13114.patch: add a failsafe on the maximum number of Canon MakerNote subtags in libexif/canon/exif-mnote-data-canon.c. - CVE-2020-13114 * SECURITY UPDATE: Out of bounds read - debian/patches/CVE-2020-0182.patch: fix a buffer read overflow in exif_entry_get_value in libexif/exif-entry.c. - CVE-2020-0182 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2020-0198.patch: fix unsigned integer overflow in libexif/exif-data.c. - CVE-2020-0198 Checksums-Sha1: c3c94079781f5b5fbf57d83e13de57d4f2be50e5 81712 libexif-dev_0.6.21-5.1ubuntu0.5_arm64.deb 5d6ed035134d374c162a8ffffc011c53cb0c1647 137128 libexif12-dbgsym_0.6.21-5.1ubuntu0.5_arm64.ddeb ad432cc58b1379bfee03dc0cd6dbf591bb078f9c 73636 libexif12_0.6.21-5.1ubuntu0.5_arm64.deb 8556941d6043ad1799cb4cc32e68c1c90a5801b6 7462 libexif_0.6.21-5.1ubuntu0.5_arm64.buildinfo e06e01c00b31d2f747ace0e6053fb498cb1b7432 1353698 libexif_0.6.21-5.1ubuntu0.5_arm64_translations.tar.gz Checksums-Sha256: 2c347ba16c01d7f9c12982d167326d420ac9fa9e93316bc2caf6d00626ae04cb 81712 libexif-dev_0.6.21-5.1ubuntu0.5_arm64.deb 54d82254e92706ac562f67bfc07292af30b7cea72b00bc9d3c3e3c0eb133d0c2 137128 libexif12-dbgsym_0.6.21-5.1ubuntu0.5_arm64.ddeb dbc42c83d1fe84ad58a722b08b6740973a7c59d9deb1dbecf7ff9512cae794f4 73636 libexif12_0.6.21-5.1ubuntu0.5_arm64.deb 0e169932a516a3304a9e3cefbefd43c8b03b235d538bd415f72fb8204728dade 7462 libexif_0.6.21-5.1ubuntu0.5_arm64.buildinfo 5c17853cd2b91ba07a2dafe93a10529cce341f50582cfe508d477bd31c3b54e4 1353698 libexif_0.6.21-5.1ubuntu0.5_arm64_translations.tar.gz Files: 433226dc7337ac3f0b75c13ec6390fd4 81712 libdevel optional libexif-dev_0.6.21-5.1ubuntu0.5_arm64.deb a54e079a9d35ee3e46cdc2b387352fd4 137128 debug optional libexif12-dbgsym_0.6.21-5.1ubuntu0.5_arm64.ddeb 0a08d9400e50aa3d0c229d9a85825d13 73636 libs optional libexif12_0.6.21-5.1ubuntu0.5_arm64.deb 0aecad04beddc1a26e07c0210dcfd9d4 7462 libs optional libexif_0.6.21-5.1ubuntu0.5_arm64.buildinfo 305e41ff725482734aaf103fdcbaf59d 1353698 raw-translations - libexif_0.6.21-5.1ubuntu0.5_arm64_translations.tar.gz Original-Maintainer: Debian PhotoTools Maintainers