Your message dated Tue, 17 Jul 2012 21:03:20 +0000 with message-id <e1srevq-0005dm...@franck.debian.org> and subject line Bug#681454: fixed in libexif 0.6.20-3 has caused the Debian Bug report #681454, regarding libexif: Overflow security vulnerabilities (CVE-2012-2812, CVE-2012-2813, CVE-2012-2814, CVE-2012-2836, CVE-2012-2837, CVE-2012-2840, CVE-2012-2841, CVE-2012-2845) to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 681454: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681454 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: libexif Version: 0.6.19-1 Severity: important Tags: security Please fix these issues in unstable with isolated fixes instead of updating to a new upstream release as the freeze is in effect. Please contact me in case you need testing or verification. Details from http://www.openwall.com/lists/oss-security/2012/07/13/2 attachment. A number of remotely exploitable issues were discovered in libexif and exif, with effects ranging from information leakage to potential remote code execution. The issues are: CVE-2012-2812: A heap-based out-of-bounds array read in the exif_entry_get_value function in libexif/exif-entry.c in libexif 0.6.20 and earlier allows remote attackers to cause a denial of service or possibly obtain potentially sensitive information from process memory via an image with crafted EXIF tags. CVE-2012-2813: A heap-based out-of-bounds array read in the exif_convert_utf16_to_utf8 function in libexif/exif-entry.c in libexif 0.6.20 and earlier allows remote attackers to cause a denial of service or possibly obtain potentially sensitive information from process memory via an image with crafted EXIF tags. CVE-2012-2814: A buffer overflow in the exif_entry_format_value function in libexif/exif-entry.c in libexif 0.6.20 allows remote attackers to cause a denial of service or possibly execute arbitrary code via an image with crafted EXIF tags. CVE-2012-2836: A heap-based out-of-bounds array read in the exif_data_load_data function in libexif 0.6.20 and earlier allows remote attackers to cause a denial of service or possibly obtain potentially sensitive information from process memory via an image with crafted EXIF tags. CVE-2012-2837: A divide-by-zero error in the mnote_olympus_entry_get_value function while formatting EXIF maker note tags in libexif 0.6.20 and earlier allows remote attackers to cause a denial of service via an image with crafted EXIF tags. CVE-2012-2840: An off-by-one error in the exif_convert_utf16_to_utf8 function in libexif/exif-entry.c in libexif 0.6.20 and earlier allows remote attackers to cause a denial of service or possibly execute arbitrary code via an image with crafted EXIF tags. CVE-2012-2841: An integer underflow in the exif_entry_get_value function can cause a heap overflow and potentially arbitrary code execution while formatting an EXIF tag, if the function is called with a buffer size parameter equal to zero or one. CVE-2012-2845: An integer overflow in the function jpeg_data_load_data in the exif program could cause a data read beyond the end of a buffer, causing an application crash or leakage of potentially sensitive information when parsing a crafted JPEG file. There are no known public exploits of these issues. AFFECTED VERSIONS All of the described vulnerabilities affect libexif version 0.6.20, and most affect earlier versions as well. SOLUTION Upgrade to version 0.6.21 which is not vulnerable to these issues. CHECKSUMS Here are the MD5 sums of the released files: 0e744471b8c3b3b1534d5af38bbf6408 exif-0.6.21.tar.bz2 78b9f501fc19c6690ebd655385cd5ad6 exif-0.6.21.tar.gz 27339b89850f28c8f1c237f233e05b27 libexif-0.6.21.tar.bz2 9321c409a3e588d4a99d63063ef4bbb7 libexif-0.6.21.tar.gz aa208b40c853792ba57fbdc1eafcdc95 libexif-0.6.21.zip Here are the SHA1 sums of the released files: 74652e3d04d0faf9ab856949d7463988f0394db8 exif-0.6.21.tar.bz2 d23139d26226b70c66d035bbc64482792c9f1101 exif-0.6.21.tar.gz a52219b12dbc8d33fc096468591170fda71316c0 libexif-0.6.21.tar.bz2 4106f02eb5f075da4594769b04c87f59e9f3b931 libexif-0.6.21.tar.gz e5990860e9ec5a6aedde0552507a583afa989ca2 libexif-0.6.21.zip ACKNOWLEDGEMENTS Mateusz Jurczyk of Google Security Team reported the issues CVE-2012-2812, CVE-2012-2813 and CVE-2012-2814. Yunho Kim reported the issues CVE-2012-2836 and CVE-2012-2837. Dan Fandrich discovered the issues CVE-2012-2840, CVE-2012-2841 and CVE-2012-2845. REFERENCES http://libexif.sf.net - Henri Salo
--- End Message ---
--- Begin Message ---Source: libexif Source-Version: 0.6.20-3 We believe that the bug you reported is fixed in the latest version of libexif, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 681...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Emmanuel Bouthenot <kol...@debian.org> (supplier of updated libexif package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 17 Jul 2012 19:05:20 +0000 Source: libexif Binary: libexif-dev libexif12 Architecture: source amd64 Version: 0.6.20-3 Distribution: unstable Urgency: high Maintainer: Debian PhotoTools Maintainers <pkg-phototools-de...@lists.alioth.debian.org> Changed-By: Emmanuel Bouthenot <kol...@debian.org> Description: libexif-dev - library to parse EXIF files (development files) libexif12 - library to parse EXIF files Closes: 681454 Changes: libexif (0.6.20-3) unstable; urgency=high . * Add patches to fix multiples security issues: CVE-2012-2814, CVE-2012-2840, CVE-2012-2813, CVE-2012-2812, CVE-2012-2841, CVE-2012-2836, CVE-2012-2837 (Closes: #681454). Checksums-Sha1: 5b525bcbda1df1940af39e6f59327bdfe3e2d010 2064 libexif_0.6.20-3.dsc ec4793f093fc32ac3f8273125a857fa8c18baaf5 14066 libexif_0.6.20-3.debian.tar.gz ee14d33c7259f840bfd28623530b702cb8d8a917 408238 libexif-dev_0.6.20-3_amd64.deb f9e5e5a738dcffff1a2d15fadbe92ad552e94e47 584268 libexif12_0.6.20-3_amd64.deb Checksums-Sha256: 02bcb26b122ad7bca4e944609db7d7c6728d7e1232b63f9d8aa97dd43efb6ac7 2064 libexif_0.6.20-3.dsc 2d5caa9c400b714054dd0c9cb4b69682f21b1c3f337195f82f171ca086242da1 14066 libexif_0.6.20-3.debian.tar.gz dc8f0193ccdf27637d389e72f064ed82f7bc4022919e50134c0f9335836ff11a 408238 libexif-dev_0.6.20-3_amd64.deb b0cd98be65093d96ea67d03b15574fda04b43febc18d93b39d33216bc15ecf09 584268 libexif12_0.6.20-3_amd64.deb Files: c988cccc711538f685d798e18adada42 2064 libs optional libexif_0.6.20-3.dsc 83750e122eaa71f7444fd68c17f39987 14066 libs optional libexif_0.6.20-3.debian.tar.gz 0b897da39f212234561b3c495f0e7f3e 408238 libdevel optional libexif-dev_0.6.20-3_amd64.deb 2c4506d21aa8782b1b266ccd3e637f1d 584268 libs optional libexif12_0.6.20-3_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCgAGBQJQBc5tAAoJEEsHdyOSnULDrmkP/jEKngjOzWGSPNzQebYYB9IF f1mMjnr9N5PyoG/OpwU7xxcoU1ocMT0jjgZRYFbVOO7/PFYMllOE+rArRLEofxt4 N0AUCXvQTf6/UDJfjFHAF6ZgyZCDxuX3yWoJ8G0eh4wFJqxttlDImwWnIQ+hsuYB 8HkNp78Up0X7J9oPTVdGrt3gqgi6EsPyLTKy4NKm7s29am+RgpN7QrRv7K9awYjE 0xPE+7CTjW58EmARE/vtNak2dZVUUFCj6piW145JSyduK1JF/1TNS0x3JAWakPel n5hYdN6N1FYctx9PHRMBuxrlzXn7dnV5ImTeHb6Qm2pZm7SYGgUuag74eu9+goAM FNZsPPmtG73MqAN0k/HTrzoZuul9kXTF63p/ELOmFC1hiTXUWvPAbFga25q6avDD Tzube7q8GiMPowr87x/IQz6v/PtaLYgeN0BK/+W8/P7dQkcvnayjoFWFKfFBeCkj eMn0PDLqs3rgEzcvhRLzvaXvSBPMrnQSbkElp21a5MYEuDPdv8k2tVnyKOInNzks tdm8duzGstpTJotIy/pxV8TT76MThvSy/nPSitP7gPI10KbWveSotCnnqOUD+Mm0 /Oc4MG69ukI1wXGcOpyFNO2hnFWBOAI6UX9IWf3hSHpw4FE5AtLRFFjAscTlmGL4 iB+D9enk0/Ryv+y9IfYg =VeL1 -----END PGP SIGNATURE-----
--- End Message ---
