From 22dcc11fde53d05513f223575772f0217857f1d31853a5f60471bb6805124adf Mon Sep 17 00:00:00 2001
From: Marcus Meissner <meissner@suse.com>
Date: Mon, 18 May 2020 16:10:21 +0000
Subject: [PATCH] - libexif-0.6.22 (2020-05-18) release:   * New translations:
 ms   * Updated translations for most languages   * Fixed C89 compatibility  
 * Fixed warnings on recent versions of autoconf   * Some useful EXIF 2.3 tag
 added:     * EXIF_TAG_GAMMA     * EXIF_TAG_COMPOSITE_IMAGE     *
 EXIF_TAG_SOURCE_IMAGE_NUMBER_OF_COMPOSITE_IMAGE     *
 EXIF_TAG_SOURCE_EXPOSURE_TIMES_OF_COMPOSITE_IMAGE     *
 EXIF_TAG_GPS_H_POSITIONING_ERROR     * EXIF_TAG_CAMERA_OWNER_NAME     *
 EXIF_TAG_BODY_SERIAL_NUMBER     * EXIF_TAG_LENS_SPECIFICATION     *
 EXIF_TAG_LENS_MAKE     * EXIF_TAG_LENS_MODEL     *
 EXIF_TAG_LENS_SERIAL_NUMBER   * Lots of fixes exposed by fuzzers like AFL,
 ClusterFuzz, OSSFuzz and others.     * CVE-2018-20030: Fix for recursion DoS
 (bsc#1120943)     * CVE-2020-13114: Time consumption DoS when parsing canon
 array markers     * CVE-2020-13113: Potential use of uninitialized memory    
 * CVE-2020-13112: Various buffer overread fixes due to integer overflows in
 maker notes     * CVE-2020-0093: read overflow (bsc#1171847)     *
 CVE-2019-9278: replaced integer overflow checks the compiler could optimize
 away by safer constructs (bsc#1160770)     * CVE-2020-12767: fixed division
 by zero (bsc#1171475)     * CVE-2016-6328: fixed integer overflow when
 parsing maker notes (bsc#1171475)     * CVE-2017-7544: fixed buffer overread
 (bsc#1059893)

OBS-URL: https://build.opensuse.org/package/show/graphics/libexif?expand=0&rev=36
---
 libexif.changes | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/libexif.changes b/libexif.changes
index 0a397d2..df2f2a5 100644
--- a/libexif.changes
+++ b/libexif.changes
@@ -1,3 +1,34 @@
+-------------------------------------------------------------------
+Mon May 18 16:08:17 UTC 2020 - Marcus Meissner <meissner@suse.com>
+
+- libexif-0.6.22 (2020-05-18) release:
+  * New translations: ms
+  * Updated translations for most languages
+  * Fixed C89 compatibility
+  * Fixed warnings on recent versions of autoconf
+  * Some useful EXIF 2.3 tag added:
+    * EXIF_TAG_GAMMA
+    * EXIF_TAG_COMPOSITE_IMAGE
+    * EXIF_TAG_SOURCE_IMAGE_NUMBER_OF_COMPOSITE_IMAGE
+    * EXIF_TAG_SOURCE_EXPOSURE_TIMES_OF_COMPOSITE_IMAGE
+    * EXIF_TAG_GPS_H_POSITIONING_ERROR
+    * EXIF_TAG_CAMERA_OWNER_NAME
+    * EXIF_TAG_BODY_SERIAL_NUMBER
+    * EXIF_TAG_LENS_SPECIFICATION
+    * EXIF_TAG_LENS_MAKE
+    * EXIF_TAG_LENS_MODEL
+    * EXIF_TAG_LENS_SERIAL_NUMBER
+  * Lots of fixes exposed by fuzzers like AFL, ClusterFuzz, OSSFuzz and others.
+    * CVE-2018-20030: Fix for recursion DoS (bsc#1120943)
+    * CVE-2020-13114: Time consumption DoS when parsing canon array markers
+    * CVE-2020-13113: Potential use of uninitialized memory 
+    * CVE-2020-13112: Various buffer overread fixes due to integer overflows in maker notes
+    * CVE-2020-0093: read overflow (bsc#1171847)
+    * CVE-2019-9278: replaced integer overflow checks the compiler could optimize away by safer constructs (bsc#1160770)
+    * CVE-2020-12767: fixed division by zero (bsc#1171475)
+    * CVE-2016-6328: fixed integer overflow when parsing maker notes (bsc#1171475)
+    * CVE-2017-7544: fixed buffer overread (bsc#1059893)
+
 -------------------------------------------------------------------
 Wed Jan 24 11:36:21 UTC 2018 - jengelh@inai.de