Package name
libexif
Date
2007-06-08
Advisory ID
MDKSA-2007:118
Affected versions
CS4.0 x86_64 , 2007.0 x86_64 , 2007.1 i586 , 2007.0 i586 , CS3.0 x86_64 , CS4.0 i586 , CS3.0 i586 , 2007.1 x86_64

Problem description

Integer overflow in the exif_data_load_data_entry function in
exif-data.c in libexif before 0.6.14 allows user-assisted remote
attackers to cause a denial of service (crash) or possibly execute
arbitrary code via crafted EXIF data.

Updated packages have been patched to prevent this issue.

Updated packages

CS4.0 x86_64

 b7e02d89a1ecd4b70e581f86d347b0f5  corporate/4.0/x86_64/lib64exif12-0.6.12-2.1.20060mlcs4.x86_64.rpm
 caa2c7e5c2ac078626ae89b1fab07406  corporate/4.0/x86_64/lib64exif12-devel-0.6.12-2.1.20060mlcs4.x86_64.rpm 
 fb63127c388f24483317139078f311f4  corporate/4.0/SRPMS/libexif-0.6.12-2.1.20060mlcs4.src.rpm

2007.0 x86_64

 3a12325160f97f932e9219204cbc7530  2007.0/x86_64/lib64exif12-0.6.13-2.1mdv2007.0.x86_64.rpm
 923cd72076fad582cf2c4797205f40e9  2007.0/x86_64/lib64exif12-devel-0.6.13-2.1mdv2007.0.x86_64.rpm 
 d844f09d409daecc2389db2676e50873  2007.0/SRPMS/libexif-0.6.13-2.1mdv2007.0.src.rpm

2007.1 i586

 72c028dc116ab801193597474a97b5dd  2007.1/i586/libexif12-0.6.13-4.1mdv2007.1.i586.rpm
 1603116edb2e3c2ff7dab21e55918c37  2007.1/i586/libexif12-devel-0.6.13-4.1mdv2007.1.i586.rpm 
 af9f57cbcb05284a5b3b9f40cb9ebfb0  2007.1/SRPMS/libexif-0.6.13-4.1mdv2007.1.src.rpm

2007.0 i586

 8de9838c6688aa2502eb58fda312003a  2007.0/i586/libexif12-0.6.13-2.1mdv2007.0.i586.rpm
 580e145204195974bc7c952172c446b3  2007.0/i586/libexif12-devel-0.6.13-2.1mdv2007.0.i586.rpm 
 d844f09d409daecc2389db2676e50873  2007.0/SRPMS/libexif-0.6.13-2.1mdv2007.0.src.rpm

CS3.0 x86_64

 2ed9200d78941a8e8028d0863edf21ef  corporate/3.0/x86_64/lib64exif9-0.5.12-3.2.C30mdk.x86_64.rpm
 d6782377ec44ed36da7b79e314889298  corporate/3.0/x86_64/lib64exif9-devel-0.5.12-3.2.C30mdk.x86_64.rpm 
 aa33d9f4305d33eedb1dcb03e0160340  corporate/3.0/SRPMS/libexif-0.5.12-3.2.C30mdk.src.rpm

CS4.0 i586

 59c79de51e734476082d2e8441b37379  corporate/4.0/i586/libexif12-0.6.12-2.1.20060mlcs4.i586.rpm
 bdd1f9b7048916221b20ef6beca09046  corporate/4.0/i586/libexif12-devel-0.6.12-2.1.20060mlcs4.i586.rpm 
 fb63127c388f24483317139078f311f4  corporate/4.0/SRPMS/libexif-0.6.12-2.1.20060mlcs4.src.rpm

CS3.0 i586

 7006c28a35c773a399990c5920093996  corporate/3.0/i586/libexif9-0.5.12-3.2.C30mdk.i586.rpm
 513cc72e7240fec7f445aec15411ecf6  corporate/3.0/i586/libexif9-devel-0.5.12-3.2.C30mdk.i586.rpm 
 aa33d9f4305d33eedb1dcb03e0160340  corporate/3.0/SRPMS/libexif-0.5.12-3.2.C30mdk.src.rpm

2007.1 x86_64

 cd26e48c6bb15bad651254f893e73e1f  2007.1/x86_64/lib64exif12-0.6.13-4.1mdv2007.1.x86_64.rpm
 e7b605766d1c4a345d6691a725defc87  2007.1/x86_64/lib64exif12-devel-0.6.13-4.1mdv2007.1.x86_64.rpm 
 af9f57cbcb05284a5b3b9f40cb9ebfb0  2007.1/SRPMS/libexif-0.6.13-4.1mdv2007.1.src.rpm

References