libexif10: Vulnerable to buffer overflows
Bug #13621 reported by
Debian Bug Importer
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libexif (Debian) |
Fix Released
|
Unknown
|
|||
libexif (Ubuntu) |
Invalid
|
High
|
Martin Pitt |
Bug Description
Automatically imported from Debian bug report #298464 http://
Changed in libexif: | |
status: | Unknown → Fix Released |
To post a comment you must log in.
Message-ID: <email address hidden>
Date: Mon, 7 Mar 2005 18:26:32 +0100
From: Martin Pitt <email address hidden>
To: Debian Bug Tracking System <email address hidden>
Subject: libexif10: Vulnerable to buffer overflows
--k+w/mQv8wyuph6w0 Disposition: inline Transfer- Encoding: quoted-printable
Content-Type: text/plain; charset=us-ascii
Content-
Content-
Package: libexif10
Severity: grave
Tags: security patch
Justification: user security hole
Hi!
libexif is vulnerable against some buffer overflows. Please see
https:/ /bugzilla. ubuntulinux. org/show_ bug.cgi? id=3D7152
for details. You can get the Ubuntu patch at
http:// patches. ubuntu. com/patches/ libexif. security. diff
Thanks,
Martin
-- System Information: 3Dde_DE. UTF-8 (charmap=3DUTF-8)
Debian Release: 3.1
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.11
Locale: LANG=3Dde_DE.UTF-8, LC_CTYPE=
Versions of packages libexif10 depends on:
ii libc6 2.3.2.ds1-20 GNU C Library: Shared librarie=
s an
--=20 www.piware. de www.ubuntulinux .org www.debian. org
Martin Pitt http://
Ubuntu Developer http://
Debian GNU/Linux Developer http://
--k+w/mQv8wyuph6w0 pgp-signature; name="signature .asc" Description: Digital signature Disposition: inline
Content-Type: application/
Content-
Content-
-----BEGIN PGP SIGNATURE-----
nbV4Fd/ IRAvl2AKDX3CCVg Ls2tlo6Jfe7pEDz VM0ojgCg778i hCOholAw=
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFCLI7IDec
L7IgeMWVEfyMuZ3
=1UbC
-----END PGP SIGNATURE-----
--k+w/mQv8wyuph 6w0--