Package name
exif
Date
2013-04-05
Advisory ID
MDVSA-2013:036
Affected versions
MBS1 x86_64

Problem description

A vulnerability has been discovered and corrected in exif:

An integer overflow in the function jpeg_data_load_data in the exif
program could cause a data read beyond the end of a buffer, causing
an application crash or leakage of potentially sensitive information
when parsing a crafted JPEG file (CVE-2012-2845).

The updated packages have been upgraded to the 0.6.21 version which
is not vulnerable to this issue.

Updated packages

MBS1 x86_64

 23d7264ea86a3021fecef44d09ceb63c  mbs1/x86_64/exif-0.6.21-1.mbs1.x86_64.rpm 
 4ace2daa5991907db15147a545e2d186  mbs1/SRPMS/exif-0.6.21-1.mbs1.src.rpm

References