---------------------------------------------------------------------Fedora Update Notification
FEDORA-2007-548
2007-06-11
---------------------------------------------------------------------Product     : Fedora Core 6
Name        : libexif
Version     : 0.6.15
Release     : 1.fc6
Summary     : Library for extracting extra information from image files
Description :
Most digital cameras produce EXIF files, which are JPEG files with
extra tags that contain information about the image. The EXIF library
allows you to parse an EXIF file and read the data from those tags.

---------------------------------------------------------------------Update Information:

This update to the latest upstream release fixes a number of
bugs, among them a possible integer overflow in the
exif_data_load_data_entry function (CVE-2007-2645), which
allows user-assisted remote attackers to cause a denial of
service (crash) or possibly execute arbitrary code via
crafted EXIF data.
---------------------------------------------------------------------* Wed May 30 2007 Matthias Clasen  - 0.6.15-1
- Update to 0.6.15
- Drop obsolete patch
* Thu May 24 2007 Matthias Clasen  - 0.6.13-4
- Add patch for CVE-2007-2645.
* Sun Feb  4 2007 Matthias Clasen  - 0.6.13-3
- Package review cleanups
- Avoid multilib conflicts by using pregenerated docs

---------------------------------------------------------------------This update can be downloaded from:
    
a72ed5f5da3870cad1911c3aeaf7da70c9617178  SRPMS/libexif-0.6.15-1.fc6.src.rpm
a72ed5f5da3870cad1911c3aeaf7da70c9617178  noarch/libexif-0.6.15-1.fc6.src.rpm
9e0bc0e5d27ad0146d3d8378b4cdda784f38cbeb  ppc/libexif-devel-0.6.15-1.fc6.ppc.rpm
f15e10ca2f053e94603e603ad641be5389696d23  ppc/libexif-0.6.15-1.fc6.ppc.rpm
d7e02d9235bf50cb0c18d04f353927b01b27d2d3  ppc/debug/libexif-debuginfo-0.6.15-1.fc6.ppc.rpm
cce426e4e62fe173799581698f7f3e756b251cf5  x86_64/debug/libexif-debuginfo-0.6.15-1.fc6.x86_64.rpm
c03bea0a6b7e8f253a6876e063c2b15e288898f6  x86_64/libexif-0.6.15-1.fc6.x86_64.rpm
84c6c79200b570287620ea3d36d3f29a07cfe075  x86_64/libexif-devel-0.6.15-1.fc6.x86_64.rpm
b6fe4592d0c5a840cedbb8f6009ceb69ba07b2c7  i386/libexif-devel-0.6.15-1.fc6.i386.rpm
253a835d978fb06bdde8e49472313a99e3aa3df3  i386/libexif-0.6.15-1.fc6.i386.rpm
8b2d63cc52c6ebd1d2ff751f6fdcb4eb086420ed  i386/debug/libexif-debuginfo-0.6.15-1.fc6.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at .
---------------------------------------------------------------------_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce

Fedora Core 6 Update: libexif-0.6.15-1.fc6

June 11, 2007
This update to the latest upstream release fixes a number of bugs, among them a possible integer overflow in the exif_data_load_data_entry function (CVE-2007-2645), which allows...

Summary

Most digital cameras produce EXIF files, which are JPEG files with

extra tags that contain information about the image. The EXIF library

allows you to parse an EXIF file and read the data from those tags.

This update to the latest upstream release fixes a number of

bugs, among them a possible integer overflow in the

exif_data_load_data_entry function (CVE-2007-2645), which

allows user-assisted remote attackers to cause a denial of

service (crash) or possibly execute arbitrary code via

crafted EXIF data.

- Update to 0.6.15

- Drop obsolete patch

* Thu May 24 2007 Matthias Clasen - 0.6.13-4

- Add patch for CVE-2007-2645.

* Sun Feb 4 2007 Matthias Clasen - 0.6.13-3

- Package review cleanups

- Avoid multilib conflicts by using pregenerated docs

a72ed5f5da3870cad1911c3aeaf7da70c9617178 SRPMS/libexif-0.6.15-1.fc6.src.rpm

a72ed5f5da3870cad1911c3aeaf7da70c9617178 noarch/libexif-0.6.15-1.fc6.src.rpm

9e0bc0e5d27ad0146d3d8378b4cdda784f38cbeb ppc/libexif-devel-0.6.15-1.fc6.ppc.rpm

f15e10ca2f053e94603e603ad641be5389696d23 ppc/libexif-0.6.15-1.fc6.ppc.rpm

d7e02d9235bf50cb0c18d04f353927b01b27d2d3 ppc/debug/libexif-debuginfo-0.6.15-1.fc6.ppc.rpm

cce426e4e62fe173799581698f7f3e756b251cf5 x86_64/debug/libexif-debuginfo-0.6.15-1.fc6.x86_64.rpm

c03bea0a6b7e8f253a6876e063c2b15e288898f6 x86_64/libexif-0.6.15-1.fc6.x86_64.rpm

84c6c79200b570287620ea3d36d3f29a07cfe075 x86_64/libexif-devel-0.6.15-1.fc6.x86_64.rpm

b6fe4592d0c5a840cedbb8f6009ceb69ba07b2c7 i386/libexif-devel-0.6.15-1.fc6.i386.rpm

253a835d978fb06bdde8e49472313a99e3aa3df3 i386/libexif-0.6.15-1.fc6.i386.rpm

8b2d63cc52c6ebd1d2ff751f6fdcb4eb086420ed i386/debug/libexif-debuginfo-0.6.15-1.fc6.i386.rpm

This update can be installed with the 'yum' update program. Use 'yum update

package-name' at the command line. For more information, refer to 'Managing

Software with yum,' available at .

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

http://www.redhat.com/mailman/listinfo/fedora-package-announce

FEDORA-2007-548 2007-06-11 Name : libexif Version : 0.6.15 Release : 1.fc6 Summary : Library for extracting extra information from image files Description : Most digital cameras produce EXIF files, which are JPEG files with extra tags that contain information about the image. The EXIF library allows you to parse an EXIF file and read the data from those tags. This update to the latest upstream release fixes a number of bugs, among them a possible integer overflow in the exif_data_load_data_entry function (CVE-2007-2645), which allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted EXIF data. - Update to 0.6.15 - Drop obsolete patch * Thu May 24 2007 Matthias Clasen - 0.6.13-4 - Add patch for CVE-2007-2645. * Sun Feb 4 2007 Matthias Clasen - 0.6.13-3 - Package review cleanups - Avoid multilib conflicts by using pregenerated docs a72ed5f5da3870cad1911c3aeaf7da70c9617178 SRPMS/libexif-0.6.15-1.fc6.src.rpm a72ed5f5da3870cad1911c3aeaf7da70c9617178 noarch/libexif-0.6.15-1.fc6.src.rpm 9e0bc0e5d27ad0146d3d8378b4cdda784f38cbeb ppc/libexif-devel-0.6.15-1.fc6.ppc.rpm f15e10ca2f053e94603e603ad641be5389696d23 ppc/libexif-0.6.15-1.fc6.ppc.rpm d7e02d9235bf50cb0c18d04f353927b01b27d2d3 ppc/debug/libexif-debuginfo-0.6.15-1.fc6.ppc.rpm cce426e4e62fe173799581698f7f3e756b251cf5 x86_64/debug/libexif-debuginfo-0.6.15-1.fc6.x86_64.rpm c03bea0a6b7e8f253a6876e063c2b15e288898f6 x86_64/libexif-0.6.15-1.fc6.x86_64.rpm 84c6c79200b570287620ea3d36d3f29a07cfe075 x86_64/libexif-devel-0.6.15-1.fc6.x86_64.rpm b6fe4592d0c5a840cedbb8f6009ceb69ba07b2c7 i386/libexif-devel-0.6.15-1.fc6.i386.rpm 253a835d978fb06bdde8e49472313a99e3aa3df3 i386/libexif-0.6.15-1.fc6.i386.rpm 8b2d63cc52c6ebd1d2ff751f6fdcb4eb086420ed i386/debug/libexif-debuginfo-0.6.15-1.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at . Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce

Change Log

References

Update Instructions

Severity
Name : libexif
Version : 0.6.15
Release : 1.fc6
Summary : Library for extracting extra information from image files

Related News

24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved