#13665 closed enhancement (fixed)
libexif-0.6.22
Reported by: | Douglas R. Reno | Owned by: | Douglas R. Reno |
---|---|---|---|
Priority: | high | Milestone: | 10.0 |
Component: | BOOK | Version: | SVN |
Severity: | normal | Keywords: | |
Cc: |
Description
New point version
This is the 0.6.22 release of libexif. It largely contains stability, security and bugfixes. Some EXIF 2.3 tags have been added. It is ABI compatible to 0.6.21 release. New translations: ms Updated translations for most languages Fixed C89 compatibility Fixed warnings on recent versions of autoconf Some useful EXIF 2.3 tag added: EXIF_TAG_GAMMA EXIF_TAG_COMPOSITE_IMAGE EXIF_TAG_SOURCE_IMAGE_NUMBER_OF_COMPOSITE_IMAGE EXIF_TAG_SOURCE_EXPOSURE_TIMES_OF_COMPOSITE_IMAGE EXIF_TAG_GPS_H_POSITIONING_ERROR EXIF_TAG_CAMERA_OWNER_NAME EXIF_TAG_BODY_SERIAL_NUMBER EXIF_TAG_LENS_SPECIFICATION EXIF_TAG_LENS_MAKE EXIF_TAG_LENS_MODEL EXIF_TAG_LENS_SERIAL_NUMBER Lots of fixes exposed by fuzzers like AFL, ClusterFuzz, OSSFuzz and others. CVE-2018-20030: Fix for recursion DoS CVE-2020-13114: Time consumption DoS when parsing canon array markers CVE-2020-13113: Potential use of uninitialized memory CVE-2020-13112: Various buffer overread fixes due to integer overflows in maker notes CVE-2020-0093: read overflow CVE-2019-9278: replaced integer overflow checks the compiler could optimize away by safer constructs CVE-2020-12767: fixed division by zero CVE-2016-6328: fixed integer overflow when parsing maker notes CVE-2017-7544: fixed buffer overread
This package seems to have moved to github as well.
Change History (5)
comment:1 by , 5 years ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
comment:2 by , 5 years ago
Note:
See TracTickets
for help on using tickets.
https://github.com/libexif/libexif/releases/download/libexif-0_6_22-release/libexif-0.6.22.tar.xz
This seems to use a normal-ish download scheme