Package "libexif-doc"
| Name: |
libexif-doc
|
Description: |
library to parse EXIF files (documentation)
|
| Latest version: |
0.6.24-1ubuntu0.22.04.1 |
| Release: |
jammy (22.04) |
| Level: |
security |
| Repository: |
main |
| Head package: |
libexif |
| Homepage: |
https://libexif.github.io/ |
Links
Download "libexif-doc"
Other versions of "libexif-doc" in Jammy
Changelog
|
libexif (0.6.24-1ubuntu0.22.04.1) jammy-security; urgency=medium
* SECURITY UPDATE: integer overflow when decoding MakerNotes
- debian/patches/CVE-2026-32775.patch: check maxlen to be at least 1 in
libexif/apple/mnote-apple-entry.c, libexif/canon/mnote-canon-entry.c,
libexif/fuji/mnote-fuji-entry.c, libexif/olympus/mnote-olympus-entry.c,
libexif/pentax/mnote-pentax-entry.c.
- CVE-2026-32775
* SECURITY UPDATE: 32bit integer overflow in Nikon MakerNote handling
- debian/patches/CVE-2026-40385.patch: Avoid overflow on 32bit system when
reading Nikon MakerNotes in libexif/olympus/exif-mnote-data-olympus.c.
- CVE-2026-40385
* SECURITY UPDATE: integer underflow in size checking for Fuji and Olympus
MakerNote decoding
- debian/patches/CVE-2026-40386.patch: fixed 2 unsigned integer underflows
in libexif/fuji/exif-mnote-data-fuji.c, libexif/olympus/exif-mnote-data-
olympus.c.
- CVE-2026-40386
-- Marc Deslauriers <email address hidden> Tue, 07 Jul 2026 10:37:28 -0400
|
| CVE-2026-32775 |
libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exif_mnote_data_get_value function gets passed in a 0 size, the passed in-buffer wou |
| CVE-2026-40385 |
In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or inform |
| CVE-2026-40386 |
In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak |
|
About
-
Send Feedback to @ubuntu_updates