Register | Log in

libexif

Choose email to subscribe with

general

source: libexif (main)
version: 0.6.26-1
maintainer: Debian PhotoTools Maintainers (archive) (DMD)
uploaders: Hugh McMaster [DMD]
arch: all any
std-ver: 4.7.4
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.6.22-3
oldstable: 0.6.24-1
stable: 0.6.25-1
testing: 0.6.26-1
unstable: 0.6.26-1

versioned links

0.6.22-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.6.24-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.6.25-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.6.26-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libexif-dev
libexif-doc
libexif12

action needed

3 security issues in bullseye high

There are 3 open security issues in bullseye.

3 important issues:

CVE-2026-32775: libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exif_mnote_data_get_value function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow.
CVE-2026-40385: In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems.
CVE-2026-40386: In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs.

Created: 2026-03-17 Last update: 2026-04-21 20:30

3 low-priority security issues in trixie low

There are 3 open security issues in trixie.

3 issues left for the package maintainer to handle:

CVE-2026-32775: (needs triaging) libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exif_mnote_data_get_value function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow.
CVE-2026-40385: (needs triaging) In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems.
CVE-2026-40386: (needs triaging) In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs.

You can find information about how to handle these issues in the security team's documentation.

Created: 2026-04-21 Last update: 2026-04-21 20:30

Issues found with some translations low

Automatic checks made by the Debian l10n team found some issues with the translations contained in this package. You should check the l10n status report for more information.

Issues can be things such as missing translations, problematic translated strings, outdated PO files, unknown languages, etc.

Created: 2026-02-26 Last update: 2026-04-18 09:00

news

[2026-04-20] libexif 0.6.26-1 MIGRATED to testing (Debian testing watch)
[2026-04-17] Accepted libexif 0.6.26-1 (source) into unstable (Hugh McMaster)
[2026-03-03] libexif 0.6.25-2 MIGRATED to testing (Debian testing watch)
[2026-02-25] Accepted libexif 0.6.25-2 (source) into unstable (Hugh McMaster)
[2025-02-16] libexif 0.6.25-1 MIGRATED to testing (Debian testing watch)
[2025-02-11] Accepted libexif 0.6.25-1 (source) into unstable (Hugh McMaster)
[2025-01-14] libexif 0.6.24-2 MIGRATED to testing (Debian testing watch)
[2025-01-09] Accepted libexif 0.6.24-2 (source) into unstable (Hugh McMaster)
[2021-12-10] libexif 0.6.24-1 MIGRATED to testing (Debian testing watch)
[2021-12-10] libexif 0.6.24-1 MIGRATED to testing (Debian testing watch)
[2021-12-05] Accepted libexif 0.6.24-1 (source) into unstable (Hugh McMaster)
[2021-10-01] libexif 0.6.23-1 MIGRATED to testing (Debian testing watch)
[2021-09-26] Accepted libexif 0.6.23-1 (source) into unstable (Hugh McMaster) (signed by: Adam Borowski)
[2020-11-13] Accepted libexif 0.6.21-5.1+deb10u5 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Utkarsh Gupta)
[2020-11-13] libexif 0.6.22-3 MIGRATED to testing (Debian testing watch)
[2020-11-13] libexif 0.6.22-3 MIGRATED to testing (Debian testing watch)
[2020-11-08] Accepted libexif 0.6.21-5.1+deb10u5 (source amd64 all) into stable->embargoed, stable (Debian FTP Masters) (signed by: Utkarsh Gupta)
[2020-11-07] Accepted libexif 0.6.22-3 (source) into unstable (Hugh McMaster) (signed by: Utkarsh Gupta)
[2020-11-07] Accepted libexif 0.6.21-2+deb9u5 (source amd64) into oldstable (Hugh McMaster) (signed by: Utkarsh Gupta)
[2020-07-09] Accepted libexif 0.6.21-5.1+deb10u4 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Utkarsh Gupta)
[2020-07-03] Accepted libexif 0.6.21-2+deb9u4 (source amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Debian FTP Masters) (signed by: Utkarsh Gupta)
[2020-06-19] libexif 0.6.22-2 MIGRATED to testing (Debian testing watch)
[2020-06-13] Accepted libexif 0.6.21-2+deb8u4 (source amd64) into oldoldstable (Hugh McMaster) (signed by: Utkarsh Gupta)
[2020-06-13] Accepted libexif 0.6.22-2 (source) into unstable (Hugh McMaster) (signed by: Utkarsh Gupta)
[2020-06-09] libexif 0.6.22-1 MIGRATED to testing (Debian testing watch)
[2020-06-03] Accepted libexif 0.6.22-1 (source) into unstable (Hugh McMaster) (signed by: Andreas Metzler)
[2020-06-03] libexif 0.6.21-9 MIGRATED to testing (Debian testing watch)
[2020-05-30] Accepted libexif 0.6.21-2+deb9u3 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Debian FTP Masters) (signed by: Mike Gabriel)
[2020-05-30] Accepted libexif 0.6.21-2+deb9u2 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Debian FTP Masters) (signed by: Mike Gabriel)
[2020-05-30] Accepted libexif 0.6.21-5.1+deb10u3 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Mike Gabriel)

1
2

bugs [bug history graph]

all: 0

links

homepage
lintian
buildd: logs, reproducibility, cross
popcon
browse source code
other distros
security tracker
l10n (-, 79)

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.6.25-2
1 bug

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing