libexif_0.6.25-1+deb13u1_source.changes ACCEPTED into proposed-updates
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Sat May 9 09:32:05 BST 2026
Thank you for your contribution to Debian.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 17 Apr 2026 07:48:04 -0300
Source: libexif
Architecture: source
Version: 0.6.25-1+deb13u1
Distribution: trixie
Urgency: medium
Maintainer: Debian PhotoTools Maintainers <pkg-phototools-devel at lists.alioth.debian.org>
Changed-By: Emmanuel Arias <eamanu at debian.org>
Closes: 1131116 1133922 1133923
Changes:
libexif (0.6.25-1+deb13u1) trixie; urgency=medium
.
* Team upload.
* d/patches/CVE-2026-40386.patch Add patch for CVE-2026-40386.
- An integer underflow in size checking for Fuji and Olympus MakerNote
decoding could be used by attackers to crash or leak information out
of libexif-using programs (Closes: #1133923).
* d/patches/CVE-2026-40385.patch: Add patch for CVE-2026-40385.
- An unsigned 32bit integer overflow in Nikon MakerNote handling could
be used by local attackers to cause crashes or information leaks.
(Closes: #1133922).
* d/patches/CVE-2026-32775.patch: Add patch for CVE-2026-32775.patch.
- If the exif_mnote_data_get_value function in MakerNotes gets passed
in a 0 size, the passed in-buffer would be overwritten due to an
integer underflow (Closes: #1131116).
Checksums-Sha1:
43fdb88452e4fc0c7cfb39222cc90bf6cd450331 2127 libexif_0.6.25-1+deb13u1.dsc
55158cf229aa8bd9809398bfa489844d25bd4567 13744 libexif_0.6.25-1+deb13u1.debian.tar.xz
c02dc31828a049b9a4931af183bc7385388cb36f 8971 libexif_0.6.25-1+deb13u1_amd64.buildinfo
Checksums-Sha256:
807f8e0e2da5182d824808aa5a22e24c032be58ed951b23539d1c2aebb86b319 2127 libexif_0.6.25-1+deb13u1.dsc
ad1b1a2555cc911f8e04a601f2edeb4987f71846c6c9e827d52d460ff4a4bccf 13744 libexif_0.6.25-1+deb13u1.debian.tar.xz
53d834624afa536057ae1d14645b1cd426220aab32a0c3fb7c515ae0d014d18e 8971 libexif_0.6.25-1+deb13u1_amd64.buildinfo
Files:
f1f8f65f9d33f869baa974f61e849d41 2127 libs optional libexif_0.6.25-1+deb13u1.dsc
a7a8b3422ab1bee54f1afc4cecd04f45 13744 libs optional libexif_0.6.25-1+deb13u1.debian.tar.xz
64c8872e4342a79e7ea1a525a4223134 8971 libs optional libexif_0.6.25-1+deb13u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJGBAEBCgAwFiEEE3lnVbvHK7ir4q61+p3sXeEcY/EFAmn+W6ESHGVhbWFudUBk
ZWJpYW4ub3JnAAoJEPqd7F3hHGPxMYEP/iJUaHbpYFcS7WvFo3queQznJlX2IUCM
oXCMjkjHdAU/VhWZ35ADsm1qv+MkTkTi5VyJUCIfd11afHOSytVLrUuev1ErohZR
R4igtUNxDJ3Xa5ZhZuACniaqneYQsnUYMHIVp8Xd6wDTwIRe6XU3XgvAP9SpMi5d
L7tyrY2QlZOIhzdtk7yfgVuLVKZ+h8LJ6EEdoGzAUP8e7m8j7ENxAcK4ssoDCbno
BlYNLV1HzgfPq6EhK1IDs/wDrx5EeGMr8WNT3FmVaz0h9zIsCAuOpyj7BNlfUFx0
Me/eR6r6Dk2chaNOzMvbCqh1pwQjAep2rzHeZENuZuNOtz855/MR2olSXdImkG/i
q+V2HzmKwSBtFgBGbBkPp2WtcPyZZgL9rDk0Kjzo0+agQNl3NE2WYcXFPA/H4lLW
yx+/aLpVMCX/SZTO+FIyjz5uQIZE0x+uCbHMKTqAnaazdBNheQm6ZxNenQI9qC/t
MlxIkHDFm+mNEO1GplFQDwRPEQmQ0ztLJ6hGUgD8YgflJAIFiwdNoXhnn1pseZAi
domQT7krudFfBRGiR9e1imvCiuVQ8ouWckg9njGY8nqAZFpDp3fVBEYzYa9akhoC
UBcrxlEA/tkrWQJxEeJtOdR9WcRSbekLaoWhHMTsdTBetv+McE48ysXKZ+yupCdI
M9pcDOtpOyHs
=dQCP
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-phototools-devel/attachments/20260509/747df975/attachment.sig>
More information about the Pkg-phototools-devel
mailing list