-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 25 Oct 2017 16:05:29 +0200 Source: exiv2 Binary: exiv2 libexiv2-12 libexiv2-dev libexiv2-doc libexiv2-dbg Architecture: source amd64 all Version: 0.23-1+deb7u2 Distribution: wheezy-security Urgency: medium Maintainer: Debian KDE Extras Team <pkg-kde-extras@lists.alioth.debian.org> Changed-By: Raphaël Hertzog <hertzog@debian.org> Description: exiv2 - EXIF/IPTC metadata manipulation tool libexiv2-12 - EXIF/IPTC metadata manipulation library libexiv2-dbg - EXIF/IPTC metadata manipulation library - debug libexiv2-dev - EXIF/IPTC metadata manipulation library - development files libexiv2-doc - EXIF/IPTC metadata manipulation library - HTML documentation Closes: 876893 Changes: exiv2 (0.23-1+deb7u2) wheezy-security; urgency=medium . * Non-maintainer upload by the LTS team. * CVE-2017-11591: denial of service via floating point exception in the Exiv2::ValueType function. Closes: #876893 * CVE-2017-11683: denial of service through failing assertion triggered by crafted content. * CVE-2017-14859, CVE-2017-14862, CVE-2017-14864: denial of service through invalid memory access triggered by a crafted image. Checksums-Sha1: de386a554ec3d64eac1b92e549bcde2fa881fded 1924 exiv2_0.23-1+deb7u2.dsc 871c4da4659728dd0471e26b55b50551e86e4ca7 12402 exiv2_0.23-1+deb7u2.debian.tar.gz 1daaba8af2f02dbd33c255e34c07704b8c80a677 99586 exiv2_0.23-1+deb7u2_amd64.deb a541a5351337264e96df4cc373edfb38dd06ffcd 800844 libexiv2-12_0.23-1+deb7u2_amd64.deb 0982db409dee75758cf6fdf1a62c0b099ff21b99 1686458 libexiv2-dev_0.23-1+deb7u2_amd64.deb 715794010bce511a1984c4bc15dd357a1ad1dc7c 63590 libexiv2-doc_0.23-1+deb7u2_all.deb 6d54fe3bf7d9dcb94a42d038d33b0d4605534a78 4834636 libexiv2-dbg_0.23-1+deb7u2_amd64.deb Checksums-Sha256: ee76856be156cba3aa8c5c2ac9845931debb3fa8e5b6eb551f28f6f81e4347d3 1924 exiv2_0.23-1+deb7u2.dsc 56bfda2c3db77bf044fd21a1a0e626b5cd77e4bc36c225c2f150f1556b25f998 12402 exiv2_0.23-1+deb7u2.debian.tar.gz 475002fd44b41cf0f32165597bc3723088f7f40e149af45ea3c758e97c45bede 99586 exiv2_0.23-1+deb7u2_amd64.deb c80376070ff85abe17bf45b0db303a24bcc107bd8cb0f901879a51bba6c95b8c 800844 libexiv2-12_0.23-1+deb7u2_amd64.deb d686c333893eb475c3a50a92e46b1358d881296d8f42ca9a188dabccb2b0319f 1686458 libexiv2-dev_0.23-1+deb7u2_amd64.deb b895c1209e66204920de945bcd5ddf47fe019c4b962b26bc31128e3a52a59538 63590 libexiv2-doc_0.23-1+deb7u2_all.deb 2db0029beca599409e233736767b346034189e1cfe0597a95c34930a579768bb 4834636 libexiv2-dbg_0.23-1+deb7u2_amd64.deb Files: 4952a7fee2e14413f99f9207b2cdc993 1924 graphics optional exiv2_0.23-1+deb7u2.dsc 371f40ddb6a87a9fdaad29850ca81d1f 12402 graphics optional exiv2_0.23-1+deb7u2.debian.tar.gz 9b04f07b9c6ebbc91fe7fd2ae6372f40 99586 graphics optional exiv2_0.23-1+deb7u2_amd64.deb 0917ed048ca5876dd05137109815cafd 800844 libs optional libexiv2-12_0.23-1+deb7u2_amd64.deb ddca23408b70a716490e41a75f42c365 1686458 libdevel optional libexiv2-dev_0.23-1+deb7u2_amd64.deb 8f862da61733661a70869ca2ff2415ea 63590 doc optional libexiv2-doc_0.23-1+deb7u2_all.deb b69edaebeeaece18a2fdac094d3a9cf6 4834636 debug extra libexiv2-dbg_0.23-1+deb7u2_amd64.deb -----BEGIN PGP SIGNATURE----- Comment: Signed by Raphael Hertzog iQEzBAEBCgAdFiEE1823g1EQnhJ1LsbSA4gdq+vCmrkFAlnyEfwACgkQA4gdq+vC mrmzYwgAk7Vf8l216ZpwXQjWyH4aznzW7mE3TNV+qyKngy1a1G885gPib8j0zPHQ jm13rLR7MU46JPTxrBrzL03+/4+eeQn8zAfPJdKpshGoYIv+xracllrLqfmhJ8/R sEFmWiAlJdHfB6DfYhT38/bWichSdxhx6X9CVUpGyb/UZb84yhr/sObNqDJf4AWh BnSndx79WN9s8G6jfvyANEc5YrtXVFKKRSC4jLURL1gxJ+n/oxVX4jWxrJ/tRmJ8 FAjO17A7RqJWIL0lT34IipZbs3TqWC8eLZNfk0F7IGs7POdfjvK0nCDb8DS0RS+M yvUiHyK9fm9DniH6ITEUnrWpfHtwiA== =B8r6 -----END PGP SIGNATURE-----
