[SECURITY] Fedora 7 Update: libexif-0.6.15-1.fc7

updates at fedoraproject.org updates at fedoraproject.org
Thu May 31 18:07:55 UTC 2007 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-0001
None
--------------------------------------------------------------------------------

Name        : libexif
Product     : Fedora 7
Version     : 0.6.15
Release     : 1.fc7
Summary     : Library for extracting extra information from image files
Description :
Most digital cameras produce EXIF files, which are JPEG files with
extra tags that contain information about the image. The EXIF library
allows you to parse an EXIF file and read the data from those tags.

--------------------------------------------------------------------------------
Update Information:

This update to the latest upstream release fixes a number of bugs, among them a possible integer overflow in the exif_data_load_data_entry function 
(CVE-2007-2645), which allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted EXIF data.
--------------------------------------------------------------------------------
ChangeLog:

* Wed May 30 2007 Matthias Clasen <mclasen at redhat.com> - 0.6.15-1
- Update to 0.6.15
- Drop obsolete patch
* Thu May 24 2007 Matthias Clasen <mclasen at redhat.com> - 0.6.13-4
- Add patch for CVE-2007-2645.
--------------------------------------------------------------------------------
References:

  CVE-2007-2645 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2645
--------------------------------------------------------------------------------
Updated packages:

259b0a93b4e96c33c24a75a6d0b312120ac530bf libexif-devel-0.6.15-1.fc7.ppc64.rpm
1e2453c2ca793bcda0729db3cd45b1fa18c21685 libexif-debuginfo-0.6.15-1.fc7.ppc64.rpm
66ed02a08e52eab0d06d120e521ca23ff33679f3 libexif-0.6.15-1.fc7.ppc64.rpm
13c1a5cd5a17155825bf0d77584086fd87f6810a libexif-debuginfo-0.6.15-1.fc7.i386.rpm
052b7d7fdfefbf2c5e18a1b31f2256e00d61d622 libexif-devel-0.6.15-1.fc7.i386.rpm
0494958fb4278f7c859bfa23afaf0eed6e47ed1b libexif-0.6.15-1.fc7.i386.rpm
2fcd5d419e690eff68a9845e9a51d81665ed82d4 libexif-debuginfo-0.6.15-1.fc7.x86_64.rpm
b8904b86c20a7dbc39d9d58164c0258789469c6c libexif-0.6.15-1.fc7.x86_64.rpm
8d8657eb0e463125bea71b1b97d8c6613e73ffd0 libexif-devel-0.6.15-1.fc7.x86_64.rpm
a5e9d7f1d81bb295a13f30681f7eac8b517b47e1 libexif-0.6.15-1.fc7.ppc.rpm
e47125d9b3919724edffb544101305c3dd8e2a4c libexif-debuginfo-0.6.15-1.fc7.ppc.rpm
fe35d26972c90154cb285534be03bebba4be315b libexif-devel-0.6.15-1.fc7.ppc.rpm
500a6a4fda130d4fe4025d6f64feddd29ebac275 libexif-0.6.15-1.fc7.src.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------

More information about the package-announce mailing list