Format: 1.8 Date: Thu, 31 May 2018 13:42:17 -0400 Source: exempi Binary: exempi libexempi3 libexempi-dev libexempi3-dbg Architecture: ppc64el Version: 2.2.2-2ubuntu0.1 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: exempi - command line tool to manipulate XMP metadata libexempi-dev - library to parse XMP metadata (Development files) libexempi3 - library to parse XMP metadata (Library) libexempi3-dbg - library to parse XMP metadata (Debug files) Changes: exempi (2.2.2-2ubuntu0.1) xenial-security; urgency=medium . * SECURITY UPDATE: integer overflow in RIFF.cpp - debian/patches/CVE-2017-18233.patch: fix overflow in source/XMPFiles/FormatSupport/RIFF.cpp. - CVE-2017-18233 * SECURITY UPDATE: DoS via pdf file with JPEG data - debian/patches/CVE-2017-18234.patch: fix error handling and replace memcpy in public/include/XMP_Const.h, public/include/client-glue/WXMP_Common.hpp, source/XMPFiles/FormatSupport/TIFF_MemoryReader.cpp, source/XMPFiles/FormatSupport/TIFF_Support.hpp, source/common/XMP_LibUtils.hpp. - Thanks to Debian for the backport! - CVE-2017-18234 * SECURITY UPDATE: infinite loop via a crafted asf file - debian/patches/CVE-2017-18236.patch: check size in source/XMPFiles/FormatSupport/ASF_Support.cpp. - CVE-2017-18236 * SECURITY UPDATE: infinite loop via XMP data in qt file - debian/patches/CVE-2017-18238.patch: exit loop in source/XMPFiles/FormatSupport/QuickTime_Support.cpp. - CVE-2017-18238 * SECURITY UPDATE: heap-based buffer over-read in the MD5Update() - debian/patches/CVE-2018-7728.patch: check dataLen in source/XMPFiles/FileHandlers/TIFF_Handler.cpp. - CVE-2018-7728 * SECURITY UPDATE: buffer over-read in CacheFileData() - debian/patches/CVE-2018-7730.patch: check dataLen in source/XMPFiles/FormatSupport/PSIR_FileWriter.cpp. - CVE-2018-7730 Checksums-Sha1: 2f30bd3b3adb158ea0df364160b89c1e84fde4e0 1022 exempi-dbgsym_2.2.2-2ubuntu0.1_ppc64el.ddeb 1b8d0dc78039523dd8bc19bbf647f3c50a19a2d3 11516 exempi_2.2.2-2ubuntu0.1_ppc64el.deb b1c722f927c57a557761bcc431e272601aa494d4 1014 libexempi-dev-dbgsym_2.2.2-2ubuntu0.1_ppc64el.ddeb a062a2dbdaf29995987590a5c7894be8efebd0f4 486848 libexempi-dev_2.2.2-2ubuntu0.1_ppc64el.deb d8bb826ee40e6750adbabf5a2f3f298a0114a64c 3283350 libexempi3-dbg_2.2.2-2ubuntu0.1_ppc64el.deb b127050665c8243bed07ec6a2d8b1d33b6c0cc7a 982 libexempi3-dbgsym_2.2.2-2ubuntu0.1_ppc64el.ddeb 6381135a9772b5f88fa39f236e8e2187d1368375 404568 libexempi3_2.2.2-2ubuntu0.1_ppc64el.deb Checksums-Sha256: 920847535fb7bb70e3df47ad4720d3178ba46bab7f332c628c543d9e622444eb 1022 exempi-dbgsym_2.2.2-2ubuntu0.1_ppc64el.ddeb 75325b037468c85713308cd0d3c485bed6c663ef6acd8f9263cf182e27e6963f 11516 exempi_2.2.2-2ubuntu0.1_ppc64el.deb 34c2e9fa2bcaa880cbcdedbbf4d0df1ae8d3c9595b7afa4b1efe846a5e76a5dc 1014 libexempi-dev-dbgsym_2.2.2-2ubuntu0.1_ppc64el.ddeb 4458bee2f522a105936999857e03ffe183c48dc4074672bbda01d73334cbb4ec 486848 libexempi-dev_2.2.2-2ubuntu0.1_ppc64el.deb 84ceb011f4192e5bfc800c698cd2519bdd5de45c6a9106d20e94df9f4394e1db 3283350 libexempi3-dbg_2.2.2-2ubuntu0.1_ppc64el.deb c982909027762fd3e5c56cee8376f24558d6e4b9f2cfaa23a241a1024a64526f 982 libexempi3-dbgsym_2.2.2-2ubuntu0.1_ppc64el.ddeb 7dbd1bb8d9f0c8655cfd861d7ead84579623ef25e1c9effc4ca45594cf8c1d13 404568 libexempi3_2.2.2-2ubuntu0.1_ppc64el.deb Files: 2f28926994614bff8d78c3826d00a887 1022 graphics extra exempi-dbgsym_2.2.2-2ubuntu0.1_ppc64el.ddeb c3f449c6e93b21c231938a33c5e48876 11516 graphics optional exempi_2.2.2-2ubuntu0.1_ppc64el.deb 1ea70ecfe358ac0bf4bfea5374db6e47 1014 libdevel extra libexempi-dev-dbgsym_2.2.2-2ubuntu0.1_ppc64el.ddeb 270994f0535a70403c673b4bb413a561 486848 libdevel optional libexempi-dev_2.2.2-2ubuntu0.1_ppc64el.deb 576103cf9772084ddfe53238fea6c294 3283350 debug extra libexempi3-dbg_2.2.2-2ubuntu0.1_ppc64el.deb a13620863eafb57337d8569b5f65b4c4 982 libs extra libexempi3-dbgsym_2.2.2-2ubuntu0.1_ppc64el.ddeb a0b868666ca336289c942f91d2dd9317 404568 libs optional libexempi3_2.2.2-2ubuntu0.1_ppc64el.deb Original-Maintainer: Michael Biebl