libexif_0.6.24-1+deb12u1_source.changes ACCEPTED into oldstable-proposed-updates->oldstable-new
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Fri May 8 23:36:11 BST 2026
Thank you for your contribution to Debian.
Mapping bookworm to oldstable.
Mapping oldstable to oldstable-proposed-updates.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 20 Apr 2026 07:42:42 -0300
Source: libexif
Architecture: source
Version: 0.6.24-1+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Debian PhotoTools Maintainers <pkg-phototools-devel at lists.alioth.debian.org>
Changed-By: Emmanuel Arias <eamanu at debian.org>
Closes: 1131116 1133922 1133923
Changes:
libexif (0.6.24-1+deb12u1) bookworm; urgency=medium
.
* Team upload.
* d/patches/CVE-2026-40386.patch Add patch for CVE-2026-40386.
- An integer underflow in size checking for Fuji and Olympus MakerNote
decoding could be used by attackers to crash or leak information out
of libexif-using programs (Closes: #1133923).
* d/patches/CVE-2026-40385.patch: Add patch for CVE-2026-40385.
- An unsigned 32bit integer overflow in Nikon MakerNote handling could
be used by local attackers to cause crashes or information leaks.
(Closes: #1133922).
* d/patches/CVE-2026-32775.patch: Add patch for CVE-2026-32775.patch.
- If the exif_mnote_data_get_value function in MakerNotes gets passed
in a 0 size, the passed in-buffer would be overwritten due to an
integer underflow (Closes: #1131116).
Checksums-Sha1:
1b09676ca50532eb3d8d29ecfee6eb8d5ea06ffa 2136 libexif_0.6.24-1+deb12u1.dsc
e7c156763b2a597ba687cd99a42f8ab47e9aa7ea 13356 libexif_0.6.24-1+deb12u1.debian.tar.xz
a1469c59ab8918f9196e8b56a4a34addf2ef724f 9508 libexif_0.6.24-1+deb12u1_amd64.buildinfo
Checksums-Sha256:
966c6129c35f398ec868398e126496764c3afabe5f3ec3e8b7f1eba61144b4f6 2136 libexif_0.6.24-1+deb12u1.dsc
ddf8224fe0d54ab840e2f85f4e0a219103079b043ec59ca6f900d7476927e613 13356 libexif_0.6.24-1+deb12u1.debian.tar.xz
0e5bacca5d06dcc0c3abd5e17b8c8a643db0b960182b421218d8f490b9d3256d 9508 libexif_0.6.24-1+deb12u1_amd64.buildinfo
Files:
74fa6801eed54778cb5f318d26cf65f2 2136 libs optional libexif_0.6.24-1+deb12u1.dsc
4bd28e346babbc93a9175ae729853657 13356 libs optional libexif_0.6.24-1+deb12u1.debian.tar.xz
ead7bbe9b28cf25de3489b29e4140a0c 9508 libs optional libexif_0.6.24-1+deb12u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJGBAEBCgAwFiEEE3lnVbvHK7ir4q61+p3sXeEcY/EFAmn+YMYSHGVhbWFudUBk
ZWJpYW4ub3JnAAoJEPqd7F3hHGPxUJkP+wTW/zj+KQlpM0fDaFIPbC6OtvDNvYLx
ukv0ALvxyynnDcbLgEbkMe35WbH5P6Ciygw4DbjmlwjoFzw7OlFymos1HNlrjwZF
yDfDzxC0zqHDsSi9aKBdq9AVsaw1HQQZV5zvTKRMExUCgtmGtwyNNr616+aKx00t
WGUoqdYQiCpFYUZFF5kHa6Rpup9IUCAFKHjhKxOab8Fwv7H6zjE0T6Nwc9Ur7KHM
3APF08Vb32bwSzw/jfE/yTLDDo0FiNk4ZOlXjLzjnGNuHsi4mde78oR5w7DN+AmJ
Fzw1/vWao2nh1djnT9g3I/Z70550/shmVwX4uV3WcVtg7UA+B9+kU7NpCcQEoLLk
NMT39dLnUqnMJxUoHz66EV+7QoWMs4ISNROEm1/Ji/c1BTY0qGXCPHPtdypijn0k
wWzj4HSEs5ETNUuUKYLRHvBXtiHtvQtC+CljTrMNBZwZOFJKhU6wPMpGg4loETFQ
dO61PrM4Su4HE4MnzgKA1grlzJTBG2Y3Qe7merYnAYPck2MBxBw5NDOHhMmTeEY/
K8AR8m/NRQblP0aMWny/IAbDTuQBS32lb4Xq9TcMuRSVhX/skC+Mz0J8zUyWb/kl
+yMbNlfmHpcT4lA7kxFzdnMuOZ6RpWoOUakglTVB84hLOmTDjaB1zrq7oJIDTtmL
ZSsDQC3hp6LT
=+DHZ
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-phototools-devel/attachments/20260508/70d07b94/attachment.sig>
More information about the Pkg-phototools-devel
mailing list