Ubuntu
libexif package

lp:ubuntu/precise-security/libexif

  1. Precise (12.04)
  2. precise-security
Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp:ubuntu/precise-security/libexif
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

17. By Marc Deslauriers

* SECURITY UPDATE: denial of service and possible info disclosure via
  corrupted EXIF_TAG_COPYRIGHT tag (LP: #1024213)
  - debian/patches/CVE-2012-2812.patch: fix reading tags that aren't
    NUL-terminated in libexif/exif-entry.c.
  - CVE-2012-2812
* SECURITY UPDATE: denial of service and possible info disclosure via
  UTF-16 tag (LP: #1024213)
  - debian/patches/CVE-2012-2813.patch: don't read past the end of a
    tag when converting from UTF-16 in libexif/exif-entry.c.
  - CVE-2012-2813
* SECURITY UPDATE: denial of service and possible code execution via
  crafted tags (LP: #1024213)
  - debian/patches/CVE-2012-2814.patch: fix buffer overflows in
    libexif/exif-entry.c.
  - CVE-2012-2814
* SECURITY UPDATE: denial of service and possible info disclosure via
  crafted tags (LP: #1024213)
  - debian/patches/CVE-2012-2836.patch: fix buffer overflows in
    libexif/exif-data.c
  - CVE-2012-2836
* SECURITY UPDATE: denial of service via crafted tags (LP: #1024213)
  - debian/patches/CVE-2012-2837.patch: fix some possible
    division-by-zeros in libexif/olympus/mnote-olympus-entry.c.
  - CVE-2012-2837
* SECURITY UPDATE: denial of service and possible code execution via
  crafted tags (LP: #1024213)
  - debian/patches/CVE-2012-2840.patch: fix off-by-one in
    libexif/exif-utils.c.
  - CVE-2012-2840
* SECURITY UPDATE: denial of service and possible code execution via
  incorrect buffer size (LP: #1024213)
  - debian/patches/CVE-2012-2841.patch: validate buffer length in
    libexif/exif-entry.c.
  - CVE-2012-2841

16. By Emmanuel Bouthenot <email address hidden>

[ Kees Cook ]

* debian/copyright: fix empty lines in multi-line section, add missing
  intended "license" lines, add missing BSD license for pt_BR.po.
* debian/libexif-dev.install:
  - use multiple lines instead of technically unsupported {}.
  - remove .la file, per release goal; there are no build dep using it.
* debian/{control,compat,*.install,rules}: build for Multi-Arch support
  (Closes: #650998)

[ Emmanuel Bouthenot ]

* Bump Standards-Version to 3.9.2
* Remove DMUA field (no more needed)
* Update debian/rules to enable usage of autotools_dev sequence with
  debhelper
* Switch debhelper compatibility to 9
* Update Vcs-Git and Vcs-Browser fields

15. By Steve Langasek

releasing version 0.6.20-1ubuntu1

14. By Steve Langasek

run update-maintainer

13. By Steve Langasek

Build for multiarch. Closes: #650998.

12. By Emmanuel Bouthenot <email address hidden>

* New upstream release
* debian/copyright:
   - updates (huge backlog)
   - switch to DEP5 format
* Refresh patches and convert them to DEP3 format
* Switch to dpkg-source 3.0 (quilt) format
* Update uploader email (me)
* Bump Standards-Version to 3.9.1
* Add a patch to support new Canon camera. Thanks to Adrian von Bidder for
  the patch. Rest In Peace Adrian. (Closes: #617764).

11. By Robert Ancell

releasing version 0.6.20-0ubuntu1

10. By Emmanuel Bouthenot <email address hidden>

* New upstream release
  - fix CVE-2009-3895: heap buffer overflow during tag format conversion
    (Closes: #557137)

9. By Emmanuel Bouthenot <email address hidden>

* New upstream release
* Clean and minify the build process (using dh7 overrides)
* Bump Standards-Version to 3.8.3.
* Add README.source file.
* Add doc-base file for libexif API documentation.

8. By Emmanuel Bouthenot <email address hidden>

* Adopt the package within pkg-phototools:
  - Set the Maintainer to the group
  - Add Frederic Peters and myself as Uploaders.
  - Add Vcs-Browser and Vcs-Git fields accordingly.
* New upstream release:
  - remove patches merged upsteam:
    + 30_olympus_makernote.dpatch
    + 40_crash_looking_up_invalid_values.dpatch
    + 50_relibtoolize.dpatch
    + CVE-2007-6351.dpatch
    + CVE-2007-6352.dpatch
  - convert existing patches from dpatch to quilt.
  - Fix a bug while reading exif datas in some cases (Closes: #447907)
* Switch packaging to debhelper 7
* Update debian/control:
  - Drop duplicate section field for exif12
  - Bump Standards-Version to 3.8.1
  - Replace deprecated ${Source-Version} by ${binary:Version}
  - Enhance libexif-dev long description.
  - Add homepage field.
  - Add DM-Upload-Allowed field.
* Force remove of files not fully cleaned
* Remove empty doc files in libexif-dev.
* Update debian/copyright.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/quantal/libexif
This branch contains Public information 
Everyone can see this information.

Subscribers