Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: <updates <at> fedoraproject.org>
Subject: [SECURITY] Fedora 17 Update: libexif-0.6.21-2.fc17
Newsgroups: gmane.linux.redhat.fedora.package.announce
Date: Friday 8th February 2013 02:34:57 UTC (over 3 years ago)
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-1244
2013-01-23 00:33:21
--------------------------------------------------------------------------------

Name        : libexif
Product     : Fedora 17
Version     : 0.6.21
Release     : 2.fc17
URL         : http://libexif.sourceforge.net/
Summary     : Library for extracting extra information from image files
Description :
Most digital cameras produce EXIF files, which are JPEG files with
extra tags that contain information about the image. The EXIF library
allows you to parse an EXIF file and read the data from those tags.

--------------------------------------------------------------------------------
Update Information:

A security bugfix release.


A security bugfix release.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jan 21 2013 Petr Šabata  - 0.6.21-2
- Old build GC'd before pushed into testing
* Fri Jul 13 2012 Petr Šabata  - 0.6.21-1
- 0.6.21 bump
- A security bugfixing release (CVE-2012-2812, CVE-2012-2813,
CVE-2012-2814,
  CVE-2012-2836, CVE-2012-2837, CVE-2012-2840, CVE-2012-2841 &
CVE-2012-2845)
- Drop the pre-generated docs and introduce a doc subpackage
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #839182 - CVE-2012-2813 libexif: "exif_convert_utf16_to_utf8()"
heap-based out-of-bounds array read
        https://bugzilla.redhat.com/show_bug.cgi?id=839182
  [ 2 ] Bug #839183 - CVE-2012-2814 libexif: "exif_entry_format_value()"
buffer overflow
        https://bugzilla.redhat.com/show_bug.cgi?id=839183
  [ 3 ] Bug #839184 - CVE-2012-2836 libexif: "exif_data_load_data()"
heap-based out-of-bounds array read
        https://bugzilla.redhat.com/show_bug.cgi?id=839184
  [ 4 ] Bug #839185 - CVE-2012-2837 libexif:
"mnote_olympus_entry_get_value()" division by zero
        https://bugzilla.redhat.com/show_bug.cgi?id=839185
  [ 5 ] Bug #839188 - CVE-2012-2840 libexif: "exif_convert_utf16_to_utf8()"
off-by-one
        https://bugzilla.redhat.com/show_bug.cgi?id=839188
  [ 6 ] Bug #839189 - CVE-2012-2841 libexif: "exif_entry_get_value()"
integer underflow
        https://bugzilla.redhat.com/show_bug.cgi?id=839189
  [ 7 ] Bug #839203 - CVE-2012-2812 libexif: "exif_entry_get_value()"
heap-based out-of-bounds array read
        https://bugzilla.redhat.com/show_bug.cgi?id=839203
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update libexif' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on
the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/package-announce
 
CD: 3ms