-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 24 Jun 2020 23:25:22 +1000 Source: libexif Binary: libexif-dev libexif12 Architecture: source amd64 Version: 0.6.21-2+deb9u4 Distribution: stretch Urgency: medium Maintainer: Debian PhotoTools Maintainers <pkg-phototools-devel@lists.alioth.debian.org> Changed-By: Hugh McMaster <hugh.mcmaster@outlook.com> Description: libexif-dev - library to parse EXIF files (development files) libexif12 - library to parse EXIF files Closes: 962345 Changes: libexif (0.6.21-2+deb9u4) stretch; urgency=medium . * Add upstream patches to fix two security issues: - Fix a buffer read overflow in exif_entry_get_value() (CVE-2020-0182). - Fix an unsigned integer overflow in libexif/exif-data.c (CVE-2020-0198) (Closes: #962345). Checksums-Sha1: 3bf7f84f3e0e0ea01eecdbb1ef7c00957f4bc544 2098 libexif_0.6.21-2+deb9u4.dsc 4106f02eb5f075da4594769b04c87f59e9f3b931 2081615 libexif_0.6.21.orig.tar.gz f0c75d8997a02fdd1c2eefd6ffffb3606a39f32d 16296 libexif_0.6.21-2+deb9u4.debian.tar.xz cbfe9bb8db089c5d97765caf28c67799d419d8bc 341678 libexif-dev_0.6.21-2+deb9u4_amd64.deb de530cb8da1e01fd0f7e0573b8d816a5ad1db1e8 115682 libexif12-dbgsym_0.6.21-2+deb9u4_amd64.deb 12105cba07e882d6f40811c998753e157291a205 324320 libexif12_0.6.21-2+deb9u4_amd64.deb 326c80f16477882ccb0733b4dd33add4df0c88c5 7991 libexif_0.6.21-2+deb9u4_amd64.buildinfo Checksums-Sha256: 4812b8a88cf3a6bbb2794497effc98af6e60b9dfbdcad2ea9d1aaf96a7328d14 2098 libexif_0.6.21-2+deb9u4.dsc edb7eb13664cf950a6edd132b75e99afe61c5effe2f16494e6d27bc404b287bf 2081615 libexif_0.6.21.orig.tar.gz 7cfbf1f2a33ea0ac85292aedae2708337de529be0f43f4303da5348b353b9b93 16296 libexif_0.6.21-2+deb9u4.debian.tar.xz e81030c2cadd795a122432bd0eb877ce08088a145c91408b76756d0cca86cdfa 341678 libexif-dev_0.6.21-2+deb9u4_amd64.deb b4d2467aa2ef431afd692ed6b20ff898281a22dd17c2607321fa1358cfc6ea9e 115682 libexif12-dbgsym_0.6.21-2+deb9u4_amd64.deb 505ea3d8689c3ca24beba9b28c3e8496809ae5143bed6f181a3da7b37a4bf7e6 324320 libexif12_0.6.21-2+deb9u4_amd64.deb 0464eb2ec8ec7eb9590bae255556d2c65cc4afbbdc19c748f52d7b5f1aa7954e 7991 libexif_0.6.21-2+deb9u4_amd64.buildinfo Files: c2bc76772c251cc97ce02a45e56195fb 2098 libs optional libexif_0.6.21-2+deb9u4.dsc 9321c409a3e588d4a99d63063ef4bbb7 2081615 libs optional libexif_0.6.21.orig.tar.gz e286b02c57d49b8ab0d6315b828aff9c 16296 libs optional libexif_0.6.21-2+deb9u4.debian.tar.xz 04bd2e46350cdca919625965eb596dec 341678 libdevel optional libexif-dev_0.6.21-2+deb9u4_amd64.deb b723a0af5e4751cdc5f7702de17a2063 115682 debug extra libexif12-dbgsym_0.6.21-2+deb9u4_amd64.deb d9cb5a7a9df26c83384289b600bdb260 324320 libs optional libexif12_0.6.21-2+deb9u4_amd64.deb d7637af19c873be35bec8e9776e51868 7991 libs optional libexif_0.6.21-2+deb9u4_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAl70jykACgkQgj6WdgbD S5YMMQ//X97FdZtICdFyfJ5aaTKy4xz7uNJSJNn/NZULHxmHRf9DeFU+/F1gvwis asiAEo5QBsOWh5SvBGak64fk7k1ytiFl6Z6aPi0oVZZcU3mAh1oFR/YKuikU1c4F HmfR62BTZkV2IMozW9Y4QrP92BCu1UBJO+qUia2atetw62CxOEcMn+Uerj7N/YXJ CGbPr5CBlBcOk7HwgzhkvSwetRFtCg5KGfNCXwh0TPdG10K9CQHCcs6pO0DMU7k0 ql9ms+2zsHJW0suvU9HHrG2Az0WLxpg6VCudG77TtIFkhW1lPWxi/3pZJC+FZvNg xshlLyROYqkDAI16B+f+SCTtFZ4Q6ofLPK24FD85yMWZfgNXZFTYLV78Yv69rqvL qBHPhsivs2wCCE/nYurxNRIPrY4YPRVyIe+qQIsUMcuJA7yAu/cU5N3LUuM2zEHh uqXNM/QwH7WfWg5oDfS0vM5eOOP7r/ATP01RnquBVOkOHMZTn3Iu2MVkWp+d+4av AOF2QhsE3KLd+AkbepuxoTEUu725Dqks4wN0/7kiGXrbJGuRwhBs1O3FkiicJOSa b8KuBeqs21W+dBH5hLKF/oh+fYEfXUKWtpECU/pZWgOWS7yILVsdIhmW437DDyLU m6r4PKkxKv6HujLXNKi/zRvTphGzjKf0Ptdf15Vw5cxxUG1J7kw= =+xCR -----END PGP SIGNATURE-----
