Package: libexif Severity: grave Tags: security Justification: user security hole
A vulnerability has been found in libexif: "Integer overflow in the exif_data_load_data_entry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted EXIF data, involving the (1) doff or (2) s variable." See http://sourceforge.net/tracker/index.php?func=detail&aid=1716196&group_id=12272&atid=112272 Please mention the CVE id in the changelog. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
