Репозитории ALT
S: | 0.6.24-alt1 |
5.1: | 0.6.17-alt1 |
4.1: | 0.6.16-alt3 |
4.0: | 0.6.16-alt2 |
3.0: | 0.6.12-alt3 |
+updates: | 0.6.16-alt0.M30.1 |
Группа :: Система/Библиотеки
Пакет: libexif
Главная Изменения Спек Патчи Sources Загрузить Gear Bugs and FR Repocop
5 февраля 2022 Dmitriy Khanzhin <jinn at altlinux.org> 0.6.24-alt1
- 0.6.24
- 0.6.23
- added upstream commit:
+ fixed a incorrect overflow check that could be optimized away
(fixes CVE-2020-0452)
- added upstream commits:
+ fixed another unsigned integer overflow (fixes CVE-2020-0198)
+ use correct integer type on PowerPC/RISC-based systems
- 0.6.22 (fixes: CVE-2016-6328, CVE-2017-7544, CVE-2019-9278, CVE-2020-0093,
CVE-2020-12767, CVE-2020-13112, CVE-2020-13113, CVE-2020-13114,
CVE-2018-20030) - changed Url
- 0.6.21
- fixed CVE-2012-2812, CVE-2012-2813, CVE-2012-2814, CVE-2012-2836,
CVE-2012-2837, CVE-2012-2840, CVE-2012-2841, CVE-2012-2845
- rebuilt for debuginfo
- 0.6.20 (closes: #24855)
- rebuilt for soname set-versions
- 0.6.19 (closes: #23961)
- 0.6.17 (closes: #17994)
- dropped unnecessary patches
- removed %autoreconf (and package cvs from BuildRequires)
- bzip2 ChangeLog
- removed obsolete post{,un}_ldconfig calls
- cleanup spec
- supplemented some a descriptions
- added Packager tag
- renamed patches for fix previous CVE's
- security fixes:
+ CVE-2007-6351, CVE-2007-6352 (upstream patches)
+ thanks ldv@ for information - licence tag changed to LGPLv2+
- 0.6.16: major security fixes
+ this version fixes an integer overflow reported by iDefense
+ thanks ldv@ for heads up - updated patch3
- disabled patch4, updated buildrequires (added doxygen)
- 0.6.14: security fixes
+ http://secunia.com/advisories/25235/
an error exists within the handling of malformed EXIF information;
this can be exploited to crash an application using the library and may
allow execution of arbitrary code
+ thanks Valery Inozemtsev (shrek@) for alerting - s/autoconf/autoreconf -fisv/
- updated buildrequires
- got back translations (apparently missed in 0.6.13 due to
packaging thinko re minor/soname during 0.6.12 with .so.12) - demacrified Url:
- 0.6.13
- removed patch0 (applied upstream), patch1 and patch2 (failed to apply)
- applied patch3, patch4 from Gentoo
- Rebuilt for new pkg-config dependencies.
- rebuilt for Sisyphus, thanks Led for preparing fixed package
- *fixed* #6943 (libexif failed to handle quite some JPEGs)
- fixed #6681 (s/GPL/LGPL/)
- fixed #6943
- Prevent infinite recursion (#156365)
- Fix MakerNote handling (#153282)
- 0.6.12
- 0.6.10
- do not build devel-static subpackage by default.
- Do not package .la files.
- new version
- new version
- 0.5.6
- Rebuilt in new environment
- First build for Sisyphus