-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Fri, 21 Dec 2007 17:13:58 +0100 Source: libexif Binary: libexif12 libexif-dev Architecture: source i386 Version: 0.6.16-2.1 Distribution: unstable Urgency: high Maintainer: Frederic Peters <fpeters@debian.org> Changed-By: Nico Golde <nion@debian.org> Description: libexif-dev - library to parse EXIF files (development files) libexif12 - library to parse EXIF files Closes: 457330 457330 Changes: libexif (0.6.16-2.1) unstable; urgency=high . * Non-maintainer upload by security team. * This update addresses the following security issues: - possible denial of service attack via crafted image file leading to an infinite recursion in the exif-loader.c (CVE-2007-6351; Closes: #457330). - integer overflow in exif-data.c triggered by a crafted image file could lead to arbitrary code execution (CVE-2007-6352; Closes: #457330). Files: a22d0350058d240f2fb337c473ebe0fd 615 libs optional libexif_0.6.16-2.1.dsc 077206efeafbee981b41f5eea67024c7 15103 libs optional libexif_0.6.16-2.1.diff.gz d92a74a44d95d55f1d8b44381af7a0de 147904 libdevel optional libexif-dev_0.6.16-2.1_i386.deb 70683c69cdc384dd6717c88f09557c2e 235592 libs optional libexif12_0.6.16-2.1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHa/CKHYflSXNkfP8RAjnsAKCEGaAjLE940JGa7SX+PlpOEleDxQCcC+qO M+NaccVuEGJEEZYJfmj3bcI= =pxdQ -----END PGP SIGNATURE----- Accepted: libexif-dev_0.6.16-2.1_i386.deb to pool/main/libe/libexif/libexif-dev_0.6.16-2.1_i386.deb libexif12_0.6.16-2.1_i386.deb to pool/main/libe/libexif/libexif12_0.6.16-2.1_i386.deb libexif_0.6.16-2.1.diff.gz to pool/main/libe/libexif/libexif_0.6.16-2.1.diff.gz libexif_0.6.16-2.1.dsc to pool/main/libe/libexif/libexif_0.6.16-2.1.dsc
