Format: 1.8 Date: Thu, 31 May 2018 13:48:18 -0400 Source: exempi Binary: exempi libexempi3 libexempi-dev libexempi3-dbg Architecture: i386 Version: 2.2.1-1ubuntu1.1 Distribution: trusty Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: exempi - command line tool to manipulate XMP metadata libexempi-dev - library to parse XMP metadata (Development files) libexempi3 - library to parse XMP metadata (Library) libexempi3-dbg - library to parse XMP metadata (Debug files) Changes: exempi (2.2.1-1ubuntu1.1) trusty-security; urgency=medium . * SECURITY UPDATE: integer overflow in RIFF.cpp - debian/patches/CVE-2017-18233.patch: fix overflow in source/XMPFiles/FormatSupport/RIFF.cpp. - CVE-2017-18233 * SECURITY UPDATE: DoS via pdf file with JPEG data - debian/patches/CVE-2017-18234.patch: fix error handling and replace memcpy in public/include/XMP_Const.h, public/include/client-glue/WXMP_Common.hpp, source/XMPFiles/FormatSupport/TIFF_MemoryReader.cpp, source/XMPFiles/FormatSupport/TIFF_Support.hpp, source/common/XMP_LibUtils.hpp. - Thanks to Debian for the backport! - CVE-2017-18234 * SECURITY UPDATE: infinite loop via a crafted asf file - debian/patches/CVE-2017-18236.patch: check size in source/XMPFiles/FormatSupport/ASF_Support.cpp. - CVE-2017-18236 * SECURITY UPDATE: infinite loop via XMP data in qt file - debian/patches/CVE-2017-18238.patch: exit loop in source/XMPFiles/FormatSupport/QuickTime_Support.cpp. - CVE-2017-18238 * SECURITY UPDATE: heap-based buffer over-read in the MD5Update() - debian/patches/CVE-2018-7728.patch: check dataLen in source/XMPFiles/FileHandlers/TIFF_Handler.cpp. - CVE-2018-7728 * SECURITY UPDATE: buffer over-read in CacheFileData() - debian/patches/CVE-2018-7730.patch: check dataLen in source/XMPFiles/FormatSupport/PSIR_FileWriter.cpp. - CVE-2018-7730 Checksums-Sha1: d19749b52b8c266be28bf9a903cb6c4ff81cd4ba 9682 exempi_2.2.1-1ubuntu1.1_i386.deb 341886716a133ecf3614cfaed2ced8ba680d4a48 385096 libexempi3_2.2.1-1ubuntu1.1_i386.deb 874e1ffd5a52e03bfd156570994b5f68c2c16025 453848 libexempi-dev_2.2.1-1ubuntu1.1_i386.deb dd80e3d1c65849fd24d93d5f96ce6f7cc75ecc7a 2984942 libexempi3-dbg_2.2.1-1ubuntu1.1_i386.deb de5ced39d32d8528cd54f37f3825120ba366cf28 1020 exempi-dbgsym_2.2.1-1ubuntu1.1_i386.ddeb b6bb0d48c4584b21f4a7205d172d8f4704b6e66d 980 libexempi3-dbgsym_2.2.1-1ubuntu1.1_i386.ddeb f345526dc4a201d61cc93ed8d0f2dcfb2933cdcc 1014 libexempi-dev-dbgsym_2.2.1-1ubuntu1.1_i386.ddeb Checksums-Sha256: c665feb2000ea3b8b17ee6ac311ed90433779a9bc409bf0a75e7d45fd068cd24 9682 exempi_2.2.1-1ubuntu1.1_i386.deb e1ed77f2f3e0702d05dae6cf7d68cad625ee3fa7fbbd54a717dd8a356af27be3 385096 libexempi3_2.2.1-1ubuntu1.1_i386.deb 5c75a5e932660922bcc15a297ac6e50f7a7df80bdcdb40434a59f5fbc7eaaa4c 453848 libexempi-dev_2.2.1-1ubuntu1.1_i386.deb 6d0813ad1cca60ed2db54530a0d801e7b8b956f53105e82522eac28451644fee 2984942 libexempi3-dbg_2.2.1-1ubuntu1.1_i386.deb d6d5440730ad01b2faddc8de90db80ea70e158fa5e8777f310f7eef27f82a09e 1020 exempi-dbgsym_2.2.1-1ubuntu1.1_i386.ddeb eba70001b3f668221f5c5ac6065a66b38fe0e0792540d68bcb25c44840a4d453 980 libexempi3-dbgsym_2.2.1-1ubuntu1.1_i386.ddeb 53777edbcd8147c55e3fc6c3509a59e5371391f24407f63a612cfb353828e881 1014 libexempi-dev-dbgsym_2.2.1-1ubuntu1.1_i386.ddeb Files: b6b79b4bf289f02dac80dc8de1ae2d01 9682 graphics optional exempi_2.2.1-1ubuntu1.1_i386.deb 8a521101940da2e7c14b5c3f4405ecf7 385096 libs optional libexempi3_2.2.1-1ubuntu1.1_i386.deb bf84f0d47dbaadd12d5b8cfdd0c7e975 453848 libdevel optional libexempi-dev_2.2.1-1ubuntu1.1_i386.deb 7b280995949ac25135aaa42ffd74d9bc 2984942 debug extra libexempi3-dbg_2.2.1-1ubuntu1.1_i386.deb e731e70f5aa79c3327fa2c058d60bbd2 1020 graphics extra exempi-dbgsym_2.2.1-1ubuntu1.1_i386.ddeb 68f9acfd7c98b20acc06099a23ad2951 980 libs extra libexempi3-dbgsym_2.2.1-1ubuntu1.1_i386.ddeb c99e0e86e6f8d0cd07f0e1a28450b831 1014 libdevel extra libexempi-dev-dbgsym_2.2.1-1ubuntu1.1_i386.ddeb Original-Maintainer: Michael Biebl