-
Committer:
Package Import Robot
-
Author(s):
Marc Deslauriers
-
Date:
2012-07-19 14:46:59 UTC
-
mfrom:
(6.1.1 hardy-proposed)
-
Revision ID:
package-import@ubuntu.com-20120719144659-rv2mogffbrtd9ogy
Tags: 0.6.16-2.1ubuntu0.2
* SECURITY UPDATE: denial of service and possible info disclosure via
corrupted EXIF_TAG_COPYRIGHT tag (LP: #1024213)
- debian/patches/CVE-2012-2812.dpatch: fix reading tags that aren't
NUL-terminated in libexif/exif-entry.c.
- CVE-2012-2812
* SECURITY UPDATE: denial of service and possible info disclosure via
UTF-16 tag (LP: #1024213)
- debian/patches/CVE-2012-2813.dpatch: don't read past the end of a
tag when converting from UTF-16 in libexif/exif-entry.c.
- CVE-2012-2813
* SECURITY UPDATE: denial of service and possible code execution via
crafted tags (LP: #1024213)
- debian/patches/CVE-2012-2814.dpatch: fix buffer overflows in
libexif/exif-entry.c.
- CVE-2012-2814
* SECURITY UPDATE: denial of service and possible info disclosure via
crafted tags (LP: #1024213)
- debian/patches/CVE-2012-2836.dpatch: fix buffer overflows in
libexif/exif-data.c
- CVE-2012-2836
* SECURITY UPDATE: denial of service via crafted tags (LP: #1024213)
- debian/patches/CVE-2012-2837.dpatch: fix some possible
division-by-zeros in libexif/olympus/mnote-olympus-entry.c.
- CVE-2012-2837
* SECURITY UPDATE: denial of service and possible code execution via
crafted tags (LP: #1024213)
- debian/patches/CVE-2012-2840.dpatch: fix off-by-one in
libexif/exif-utils.c.
- CVE-2012-2840
* SECURITY UPDATE: denial of service and possible code execution via
incorrect buffer size (LP: #1024213)
- debian/patches/CVE-2012-2841.dpatch: validate buffer length in
libexif/exif-entry.c.
- CVE-2012-2841