Format: 1.8 Date: Thu, 31 May 2018 13:42:17 -0400 Source: exempi Binary: exempi libexempi3 libexempi-dev libexempi3-dbg Architecture: powerpc Version: 2.2.2-2ubuntu0.1 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: exempi - command line tool to manipulate XMP metadata libexempi-dev - library to parse XMP metadata (Development files) libexempi3 - library to parse XMP metadata (Library) libexempi3-dbg - library to parse XMP metadata (Debug files) Changes: exempi (2.2.2-2ubuntu0.1) xenial-security; urgency=medium . * SECURITY UPDATE: integer overflow in RIFF.cpp - debian/patches/CVE-2017-18233.patch: fix overflow in source/XMPFiles/FormatSupport/RIFF.cpp. - CVE-2017-18233 * SECURITY UPDATE: DoS via pdf file with JPEG data - debian/patches/CVE-2017-18234.patch: fix error handling and replace memcpy in public/include/XMP_Const.h, public/include/client-glue/WXMP_Common.hpp, source/XMPFiles/FormatSupport/TIFF_MemoryReader.cpp, source/XMPFiles/FormatSupport/TIFF_Support.hpp, source/common/XMP_LibUtils.hpp. - Thanks to Debian for the backport! - CVE-2017-18234 * SECURITY UPDATE: infinite loop via a crafted asf file - debian/patches/CVE-2017-18236.patch: check size in source/XMPFiles/FormatSupport/ASF_Support.cpp. - CVE-2017-18236 * SECURITY UPDATE: infinite loop via XMP data in qt file - debian/patches/CVE-2017-18238.patch: exit loop in source/XMPFiles/FormatSupport/QuickTime_Support.cpp. - CVE-2017-18238 * SECURITY UPDATE: heap-based buffer over-read in the MD5Update() - debian/patches/CVE-2018-7728.patch: check dataLen in source/XMPFiles/FileHandlers/TIFF_Handler.cpp. - CVE-2018-7728 * SECURITY UPDATE: buffer over-read in CacheFileData() - debian/patches/CVE-2018-7730.patch: check dataLen in source/XMPFiles/FormatSupport/PSIR_FileWriter.cpp. - CVE-2018-7730 Checksums-Sha1: bf2ed9bc1dc2eb675a119b8daf44e29bc61a712a 1020 exempi-dbgsym_2.2.2-2ubuntu0.1_powerpc.ddeb 94a3c373225bd7b14d8d516bf92973473023025e 9960 exempi_2.2.2-2ubuntu0.1_powerpc.deb beaf65864b2dd78a117afb8878c9b4df6b10ca73 1014 libexempi-dev-dbgsym_2.2.2-2ubuntu0.1_powerpc.ddeb 6d485ae861d5e4f6f07c1e30d034ef2cf4bb3496 412680 libexempi-dev_2.2.2-2ubuntu0.1_powerpc.deb 1b2fd8c66e3b19c5d9844827c21ead4f5d5f2040 3037376 libexempi3-dbg_2.2.2-2ubuntu0.1_powerpc.deb a660d37067d29e93dc08b58ff8c5fc686c95e501 982 libexempi3-dbgsym_2.2.2-2ubuntu0.1_powerpc.ddeb ec90aba940ab4ddc665167cecc2ec44f457750f5 359564 libexempi3_2.2.2-2ubuntu0.1_powerpc.deb Checksums-Sha256: c07e7e4c7aad4e81fcdc3a5cc7dd0d0dab292182b1e5e47d6f934202b6e30beb 1020 exempi-dbgsym_2.2.2-2ubuntu0.1_powerpc.ddeb 32133964e50dee2c3f7a4612977a97b976dbd6e61622ca554fe397831aa8c613 9960 exempi_2.2.2-2ubuntu0.1_powerpc.deb 89cc45924b77b03b7ea3ae8ce8ef66932a94b6f74bfc433d29436bf1e3e54f6a 1014 libexempi-dev-dbgsym_2.2.2-2ubuntu0.1_powerpc.ddeb f6ef4103049d657a10d5ca51a9bfee1aec47b27b2bb7d1e66165466c640ab8de 412680 libexempi-dev_2.2.2-2ubuntu0.1_powerpc.deb 63167fcb69bdeaeddaed78beb813001dae04d3dbc34df65201130463b8be1d07 3037376 libexempi3-dbg_2.2.2-2ubuntu0.1_powerpc.deb cc82e1ac536d6df838f7c5b1f3b72142a3b3766df1908a29def9eba35f89526b 982 libexempi3-dbgsym_2.2.2-2ubuntu0.1_powerpc.ddeb 18e87baf0e49729f7f96b25f73d3487d4856b6650967fbe7bfa2c2089739cecb 359564 libexempi3_2.2.2-2ubuntu0.1_powerpc.deb Files: b04d86c5bbbf084d5318d7ed130f3a95 1020 graphics extra exempi-dbgsym_2.2.2-2ubuntu0.1_powerpc.ddeb f3f8d1c415f2abf4f07f23a72da8a2fe 9960 graphics optional exempi_2.2.2-2ubuntu0.1_powerpc.deb 50c88db00a08adf69e9d58bc2d079b17 1014 libdevel extra libexempi-dev-dbgsym_2.2.2-2ubuntu0.1_powerpc.ddeb b4f19c9bd157810d0860d3419b9d8809 412680 libdevel optional libexempi-dev_2.2.2-2ubuntu0.1_powerpc.deb bcd17fd14740303ad7977f9bdf63159b 3037376 debug extra libexempi3-dbg_2.2.2-2ubuntu0.1_powerpc.deb c354a7aaf20052f074a9057f93035857 982 libs extra libexempi3-dbgsym_2.2.2-2ubuntu0.1_powerpc.ddeb 91ddf39040255fc74128f96456439042 359564 libs optional libexempi3_2.2.2-2ubuntu0.1_powerpc.deb Original-Maintainer: Michael Biebl