Format: 1.8 Date: Mon, 08 Jun 2020 12:58:09 -0300 Source: libexif Binary: libexif-dev libexif12 Architecture: i386 i386_translations Version: 0.6.21-5.1ubuntu0.5 Distribution: eoan Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Leonidas S. Barbosa Description: libexif-dev - library to parse EXIF files (development files) libexif12 - library to parse EXIF files Changes: libexif (0.6.21-5.1ubuntu0.5) eoan-security; urgency=medium . * SECURITY UPDATE: Out of bounds read - debian/patches/CVE-2020-0093.patch: fix read buffer overflow making sure the number of bytes being copied from does not exceed the source buffer size in libexif/exif-data.c. - CVE-2020-0093 * SECURITY UPDATE: Out of bounds read - debian/patches/CVE-2020-13112.patch: fix MakerNote tag size overflow check for a size overflow while reading tags in libexif/canon/exif-mnote-data-canon.c, libexif/fuji/exif/mnote-data-fuji.c, libexif/olympus/exif-mnote-data-olympus.c, libexif/pentax/exif-mnote-data-pentax.c. - CVE-2020-13112 * SECURITY UPDATE: Possibly crash and potential use-after-free - debian/patches/CVE-2020-13113.patch: ensures that an uninitialized pointer is not dereferenced later in the case where the number of components is 0 in libexif/canon/exif-mnote-data-canon.c, libexif/fuji/exif-mnote-data-fuji.c, libexif/olympus/exif-mnote-data-olympus.c, libexif/pentax/exif-mnote-data-pentax. - CVE-2020-13113 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2020-13114.patch: add a failsafe on the maximum number of Canon MakerNote subtags in libexif/canon/exif-mnote-data-canon.c. - CVE-2020-13114 * SECURITY UPDATE: Out of bounds read - debian/patches/CVE-2020-0182.patch: fix a buffer read overflow in exif_entry_get_value in libexif/exif-entry.c. - CVE-2020-0182 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2020-0198.patch: fix unsigned integer overflow in libexif/exif-data.c. - CVE-2020-0198 Checksums-Sha1: e254bf5811d7c3eb57542e07320118b7a15ac725 87812 libexif-dev_0.6.21-5.1ubuntu0.5_i386.deb ecd91c7ed70d1430f03a962b2f5462c3f93b65e2 118912 libexif12-dbgsym_0.6.21-5.1ubuntu0.5_i386.ddeb 7ab59c6a88f28950eadf61582bc25329fb2879f1 76288 libexif12_0.6.21-5.1ubuntu0.5_i386.deb 60d2b1c9f6398e8890c861d4f18c5e8dc73b1cb3 7393 libexif_0.6.21-5.1ubuntu0.5_i386.buildinfo bb035d60f69ea59254b72c59cc2f3c315ee4fb29 1356195 libexif_0.6.21-5.1ubuntu0.5_i386_translations.tar.gz Checksums-Sha256: 03e65bce923608c3cd91675c0cf67d3f174ff7aca49c8464af7e875e418f937b 87812 libexif-dev_0.6.21-5.1ubuntu0.5_i386.deb 1fff8daf15d97b37e968813ce9691356f6803f0cda71ca48b5cd3fa6a8be3726 118912 libexif12-dbgsym_0.6.21-5.1ubuntu0.5_i386.ddeb 1abd28068e88004f212fe47af773423a0a4aeae2b930c0b7b47e5a200c57d99e 76288 libexif12_0.6.21-5.1ubuntu0.5_i386.deb 66107b5a26a2a3a724117ecd6629a0027d1af19bd04c4b1e9289617cffdd344e 7393 libexif_0.6.21-5.1ubuntu0.5_i386.buildinfo ed3111daed9018b30316c758700e5ca08d2df6342235732fa2a38de40e6d3af0 1356195 libexif_0.6.21-5.1ubuntu0.5_i386_translations.tar.gz Files: 980c40cb3aed25a1a239344564952e9a 87812 libdevel optional libexif-dev_0.6.21-5.1ubuntu0.5_i386.deb 6648f26945a13edbcff71718c4d930ff 118912 debug optional libexif12-dbgsym_0.6.21-5.1ubuntu0.5_i386.ddeb 9d21922d9dffbd423da5db01c8c38aca 76288 libs optional libexif12_0.6.21-5.1ubuntu0.5_i386.deb 3ea3c6fd7852140c3e1311bd7536eb2e 7393 libs optional libexif_0.6.21-5.1ubuntu0.5_i386.buildinfo 11ffb73d1c7749c3ff165adca02714ac 1356195 raw-translations - libexif_0.6.21-5.1ubuntu0.5_i386_translations.tar.gz Original-Maintainer: Debian PhotoTools Maintainers