2007
libexif (0.6.16-2.1) unstable; urgency=high
* Non-maintainer upload by security team.
* This update addresses the following security issues:
- possible denial of service attack via crafted
image file leading to an infinite recursion in the
exif-loader.c (CVE-2007-6351; Closes: #457330).
- integer overflow in exif-data.c triggered by a crafted
image file could lead to arbitrary code execution
(CVE-2007-6352; Closes: #457330).
-- Nico Golde <nion@debian.org> Fri, 21 Dec 2007 17:13:58 +0100
libexif (0.6.16-2) unstable; urgency=low
* debian/libexif12.docs: added README file (closes: #434773)
-- Frederic Peters <fpeters@debian.org> Thu, 26 Jul 2007 19:37:47 +0200
libexif (0.6.16-1) unstable; urgency=high
* New upstream release, with security fix:
* Integer overflow in the exif_data_load_data_entry (CVE-2006-4168)
(closes: #430012)
-- Frederic Peters <fpeters@debian.org> Thu, 21 Jun 2007 20:42:24 +0200
libexif (0.6.15-1) unstable; urgency=high
* New upstream release, with security fixes:
* Integer overflow in the exif_data_load_data_entry (CVE-2007-2645)
(closes: #424775)
* Don't dereference NULL (CID 4) (no assigned CVE)
* Don't parse Makernote when there is not enough data for
(makernote-irelevant) IFD1 (no assigned CVE)
* debian/patches/30_olympus_makernote.dpatch: merged upstream
* debian/patches/40_crash_looking_up_invalid_values.dpatch: merged upstream
* debian/patches/50_relibtoolize.dpatch: run libtoolize on sources
-- Frederic Peters <fpeters@debian.org> Fri, 25 May 2007 10:04:00 +0200
libexif (0.6.13-6) unstable; urgency=low
* debian/control: added build-depends on dpatch
* debian/rules: use dpatch
* debian/patches/10_pkg_config_header_dir.dpatch: patch from 0.6.13-4
* debian/patches/20_extra_colorspace_check.dpatch: patch from 0.6.13-5
* debian/patches/30_olympus_makernote.dpatch: added support for Olympus S760
& S770 makernote (closes: #418945)
* debian/patches/40_crash_looking_up_invalid_values.dpatch: backport of
"fixed crashes when looking up invalid values (upstream #1457501)".
-- Frederic Peters <fpeters@debian.org> Tue, 08 May 2007 11:47:19 +0200
2006
libexif (0.6.13-5) unstable; urgency=low
* libexif/exif-entry.c: added extra check against value read for color
space (closes: #398426) (this is not from upstream but upstream is
said to have this fixed as well, couldn't find how)
-- Frederic Peters <fpeters@debian.org> Sun, 19 Nov 2006 22:57:21 +0100
libexif (0.6.13-4) unstable; urgency=low
* libexif/libexif.pc.in: fixed CFLAGS, so include dir is correctly set.
(closes: #356567)
-- Frederic Peters <fpeters@debian.org> Sun, 12 Mar 2006 21:14:27 +0100
libexif (0.6.13-3) unstable; urgency=low
* debian/watch: added uscan file.
-- Frederic Peters <fpeters@debian.org> Mon, 6 Mar 2006 00:06:29 +0100
libexif (0.6.13-2) unstable; urgency=low
* ship NEWS file in libexif12 package. (closes: #355262)
-- Frederic Peters <fpeters@debian.org> Sat, 4 Mar 2006 16:57:03 +0100
libexif (0.6.13-1) unstable; urgency=low
* New upstream release.
* debian/control: depends on doxygen and graphviz to build documentation;
packaged in libexif-dev.
-- Frederic Peters <fpeters@debian.org> Sun, 26 Feb 2006 20:09:03 +0100
2005
libexif (0.6.12-2) unstable; urgency=low
* libexif/exif-data.c: backported fix from CVS (revision 1.68)
(closes: #318662)
-- Frederic Peters <fpeters@debian.org> Sun, 17 Jul 2005 02:49:46 +0200
libexif (0.6.12-1) unstable; urgency=low
* New upstream release. (closes: #281297) * soname bumped to 12 * buffer size checks in exif-data.c merged upstream. * po-domain.path merged upstream. * libexif/exif-utils.c: fixed exif_get_sshort declaration mismatch.
-- Frederic Peters <fpeters@debian.org> Sat, 16 Jul 2005 10:08:51 +0200
libexif (0.6.9-6) unstable; urgency=low
* libexif/exif-loader.h: don't include itself. (closes: #299507)
-- Frederic Peters <fpeters@debian.org> Mon, 14 Mar 2005 16:56:48 +0100
libexif (0.6.9-5) unstable; urgency=high
* Urgency high since it fixes a security issue.
* Patch provided from Ubuntu by Martin Pitt, written by Sylvain Defresne.
* libexif/exif-data.c: Add buffer size checks in several places before
trying to access it. (closes: #298464)
* Reference: https://bugzilla.ubuntulinux.org/show_bug.cgi?id=7152
* debian/control: reworded description synopsis.
-- Frederic Peters <fpeters@debian.org> Mon, 7 Mar 2005 18:56:31 +0100
2004
libexif (0.6.9-4) unstable; urgency=low
* debian/copyright: fixed license (LGPL, not GPL) (closes: #281442)
-- Frederic Peters <fpeters@debian.org> Tue, 16 Nov 2004 10:40:55 +0100
libexif (0.6.9-3) unstable; urgency=medium
* src/exif-data.c: fix for crasher bug with EXIF data in some Canon
pictures. (closes: #279337)
* debian/rules: fixed clean target
-- Frederic Peters <fpeters@debian.org> Wed, 3 Nov 2004 09:38:13 +0100
libexif (0.6.9-2) unstable; urgency=medium
* Adopted package.
* debian/control: bumped Standards-Version to 3.6.1
* debian/rules: delete po/libexif-$(major).pot in clean target
* libexif/exif-data.c: fixed segfault on some pictures (urgency medium since
it broke gimp and others with those files)
-- Frederic Peters <fpeters@debian.org> Mon, 11 Oct 2004 09:44:24 +0200
libexif (0.6.9-1) unstable; urgency=low
* New upstream release.
-- christophe barbe <christophe@debian.org> Fri, 28 May 2004 16:15:19 -0400
2003
libexif (0.5.12-1) unstable; urgency=low
* New upstream release (Closes: #206081).
-- christophe barbe <christophe@debian.org> Mon, 18 Aug 2003 21:00:57 -0400
libexif (0.5.10-2) unstable; urgency=low
* Use soname in po domain to avoid conflict with libexif5 (Closes: #203956).
-- christophe barbe <christophe@debian.org> Sun, 3 Aug 2003 10:24:48 -0400
libexif (0.5.10-1) unstable; urgency=low
* New upstream featuring a new exif-loader.
-- christophe barbe <christophe@debian.org> Sun, 27 Jul 2003 16:01:27 -0400
libexif (0.5.9-5) unstable; urgency=low
* Move DH_COMPAT in debian/compat. * Bump Standards-Version up to 3.5.9. * In new libdevel section.
-- christophe barbe <christophe@debian.org> Thu, 3 Apr 2003 20:42:49 -0500
libexif (0.5.9-4) unstable; urgency=low
* Apply the libtool patch soon enough.
-- christophe barbe <christophe@debian.org> Mon, 27 Jan 2003 10:26:40 -0500
libexif (0.5.9-3) unstable; urgency=low
* Libtool update to finally get a working MIPS package (Closes: 177973).
-- christophe barbe <christophe@debian.org> Sun, 26 Jan 2003 16:04:42 -0500
libexif (0.5.9-2) unstable; urgency=low
* Added autotools-dev code (so the MIPS package should be built).
-- christophe barbe <christophe@debian.org> Wed, 22 Jan 2003 09:01:47 -0500
libexif (0.5.9-1) unstable; urgency=low
* New upstream release.
-- christophe barbe <christophe@debian.org> Mon, 20 Jan 2003 16:48:14 -0500
2002
libexif (0.5.7-1) unstable; urgency=low
* New upstream release.
-- christophe barbe <christophe@debian.org> Mon, 2 Dec 2002 21:29:45 -0500
libexif (0.5.6-4) unstable; urgency=low
* Fix override disparity (The 'I can do it' release).
-- christophe barbe <christophe@debian.org> Sat, 16 Nov 2002 16:12:16 -0500
libexif (0.5.6-3) unstable; urgency=low
* Fix override disparity.
-- christophe barbe <christophe@debian.org> Sat, 16 Nov 2002 16:00:59 -0500
libexif (0.5.6-2) unstable; urgency=low
* Quick fix to avoid conflict with libexif5 (Closes: #169313, #169336, #169337).
-- christophe barbe <christophe@debian.org> Sat, 16 Nov 2002 15:18:18 -0500
libexif (0.5.6-1) unstable; urgency=low
* New upstream release (Closes: #168382).
-- christophe barbe <christophe@debian.org> Sun, 10 Nov 2002 22:20:05 -0500
libexif (0.5.3-1) unstable; urgency=low
* New upstream release.
-- christophe barbe <christophe@debian.org> Tue, 18 Jun 2002 21:17:56 -0400
libexif (0.5.0-2) unstable; urgency=low
* Fix wrong email address in control file.
-- christophe barbe <christophe@debian.org> Wed, 24 Apr 2002 14:38:37 -0400
libexif (0.5.0-1) unstable; urgency=low
* Initial Release.
-- christophe barbe <christophe.barbe@ufies.org> Wed, 13 Feb 2002 17:58:36 -0500