8d513d89ac
- libexif-0.6.24 (2021-11-25): * Translation updates: sr, vi, pl, uk, french * fixed regression in exif_data_load_data which could not load EXIF in JPEG data anymore * Decode lots of Canon tag names * removed empty strings from translation (empty string would translate to the PO info header) * various warning removals and code improvements * added sample "persistent" afl fuzzer (100x faster than normal afl fuzzer)
Marcus Meissner2021-11-27 15:49:24 +00:00
a4d0c04eb7
- libexif-0.6.24 (2021-11-25): * Translation updates: sr, vi, pl, uk, french * fixed regression in exif_data_load_data which could not load EXIF in JPEG data anymore * Decode lots of Canon tag names * removed empty strings from translation (empty string would translate to the PO info header) * various warning removals and code improvements * added sample "persistent" afl fuzzer (100x faster than normal afl fuzzer)
Marcus Meissner2021-11-27 15:49:24 +00:00
02cc5f3d12
- libexif-0.6.23 (2021-09-12): - Translation updates: es, pl, uk, fr - EXIF_TAG_SENSITIVITY_TYPE decoder added, added some more Exif 2.3 tags: EXIF_TAG_STANDARD_OUTPUT_SENSITIVITY EXIF_TAG_RECOMMENDED_EXPOSURE_INDEX EXIF_TAG_ISO_SPEED EXIF_TAG_ISO_SPEEDLatitudeYYY EXIF_TAG_ISO_SPEEDLatitudeZZZ EXIF_TAG_OFFSET_TIME EXIF_TAG_OFFSET_TIME_ORIGINAL EXIF_TAG_OFFSET_TIME_DIGITIZED EXIF_TAG_IMAGE_DEPTH - be more relaxed to out of order JPG / EXIF dataheaders in files generated by some tools - default GPS IFD table added - Decode more Nikon Makernote tag names - Added Apple iOS Makernote - Security fixes: - CVE-2020-0198: unsigned integer overflow in exif_data_load_data_content - CVE-2020-0452: compiler optimization could remove an a bufferoverflow check, making a buffer overflow possible with some EXIF tags - some more denial of service (compute time or stack exhaustion) counter-measures added that avoid minutes of decoding time with malformed files found by OSS-Fuzz
Marcus Meissner2021-09-13 07:05:55 +00:00
6522748569
- libexif-0.6.23 (2021-09-12): - Translation updates: es, pl, uk, fr - EXIF_TAG_SENSITIVITY_TYPE decoder added, added some more Exif 2.3 tags: EXIF_TAG_STANDARD_OUTPUT_SENSITIVITY EXIF_TAG_RECOMMENDED_EXPOSURE_INDEX EXIF_TAG_ISO_SPEED EXIF_TAG_ISO_SPEEDLatitudeYYY EXIF_TAG_ISO_SPEEDLatitudeZZZ EXIF_TAG_OFFSET_TIME EXIF_TAG_OFFSET_TIME_ORIGINAL EXIF_TAG_OFFSET_TIME_DIGITIZED EXIF_TAG_IMAGE_DEPTH - be more relaxed to out of order JPG / EXIF dataheaders in files generated by some tools - default GPS IFD table added - Decode more Nikon Makernote tag names - Added Apple iOS Makernote - Security fixes: - CVE-2020-0198: unsigned integer overflow in exif_data_load_data_content - CVE-2020-0452: compiler optimization could remove an a bufferoverflow check, making a buffer overflow possible with some EXIF tags - some more denial of service (compute time or stack exhaustion) counter-measures added that avoid minutes of decoding time with malformed files found by OSS-Fuzz
Marcus Meissner2021-09-13 07:05:55 +00:00
968e54e454
Accepting request 809029 from graphics
Yuchen Lin2020-05-26 15:49:29 +00:00
d1ee840212
Accepting request 809029 from graphics
Yuchen Lin2020-05-26 15:49:29 +00:00
4a7735b648
* CVE-2020-13113: Potential use of uninitialized memory (bsc#1172105) * CVE-2020-13112: Various buffer overread fixes due to integer overflows in maker notes (bsc#1172116)
Marcus Meissner2020-05-26 12:23:13 +00:00
cacdb90cec
* CVE-2020-13113: Potential use of uninitialized memory (bsc#1172105) * CVE-2020-13112: Various buffer overread fixes due to integer overflows in maker notes (bsc#1172116)
Marcus Meissner2020-05-26 12:23:13 +00:00
7c19a2e621
- removed patch: libexif-build-date.patch (done similar upstream) - CVE-2016-6328.patch: in upstream release - CVE-2017-7544.patch: in upstream release
Marcus Meissner2020-05-18 16:11:33 +00:00
836f9b2472
- removed patch: libexif-build-date.patch (done similar upstream) - CVE-2016-6328.patch: in upstream release - CVE-2017-7544.patch: in upstream release
Marcus Meissner2020-05-18 16:11:33 +00:00
2eb3fcaa91
- libexif-0.6.22 (2020-05-18) release: * New translations: ms * Updated translations for most languages * Fixed C89 compatibility * Fixed warnings on recent versions of autoconf * Some useful EXIF 2.3 tag added: * EXIF_TAG_GAMMA * EXIF_TAG_COMPOSITE_IMAGE * EXIF_TAG_SOURCE_IMAGE_NUMBER_OF_COMPOSITE_IMAGE * EXIF_TAG_SOURCE_EXPOSURE_TIMES_OF_COMPOSITE_IMAGE * EXIF_TAG_GPS_H_POSITIONING_ERROR * EXIF_TAG_CAMERA_OWNER_NAME * EXIF_TAG_BODY_SERIAL_NUMBER * EXIF_TAG_LENS_SPECIFICATION * EXIF_TAG_LENS_MAKE * EXIF_TAG_LENS_MODEL * EXIF_TAG_LENS_SERIAL_NUMBER * Lots of fixes exposed by fuzzers like AFL, ClusterFuzz, OSSFuzz and others. * CVE-2018-20030: Fix for recursion DoS (bsc#1120943) * CVE-2020-13114: Time consumption DoS when parsing canon array markers * CVE-2020-13113: Potential use of uninitialized memory * CVE-2020-13112: Various buffer overread fixes due to integer overflows in maker notes * CVE-2020-0093: read overflow (bsc#1171847) * CVE-2019-9278: replaced integer overflow checks the compiler could optimize away by safer constructs (bsc#1160770) * CVE-2020-12767: fixed division by zero (bsc#1171475) * CVE-2016-6328: fixed integer overflow when parsing maker notes (bsc#1171475) * CVE-2017-7544: fixed buffer overread (bsc#1059893)
Marcus Meissner2020-05-18 16:10:21 +00:00
22dcc11fde
- libexif-0.6.22 (2020-05-18) release: * New translations: ms * Updated translations for most languages * Fixed C89 compatibility * Fixed warnings on recent versions of autoconf * Some useful EXIF 2.3 tag added: * EXIF_TAG_GAMMA * EXIF_TAG_COMPOSITE_IMAGE * EXIF_TAG_SOURCE_IMAGE_NUMBER_OF_COMPOSITE_IMAGE * EXIF_TAG_SOURCE_EXPOSURE_TIMES_OF_COMPOSITE_IMAGE * EXIF_TAG_GPS_H_POSITIONING_ERROR * EXIF_TAG_CAMERA_OWNER_NAME * EXIF_TAG_BODY_SERIAL_NUMBER * EXIF_TAG_LENS_SPECIFICATION * EXIF_TAG_LENS_MAKE * EXIF_TAG_LENS_MODEL * EXIF_TAG_LENS_SERIAL_NUMBER * Lots of fixes exposed by fuzzers like AFL, ClusterFuzz, OSSFuzz and others. * CVE-2018-20030: Fix for recursion DoS (bsc#1120943) * CVE-2020-13114: Time consumption DoS when parsing canon array markers * CVE-2020-13113: Potential use of uninitialized memory * CVE-2020-13112: Various buffer overread fixes due to integer overflows in maker notes * CVE-2020-0093: read overflow (bsc#1171847) * CVE-2019-9278: replaced integer overflow checks the compiler could optimize away by safer constructs (bsc#1160770) * CVE-2020-12767: fixed division by zero (bsc#1171475) * CVE-2016-6328: fixed integer overflow when parsing maker notes (bsc#1171475) * CVE-2017-7544: fixed buffer overread (bsc#1059893)
Marcus Meissner2020-05-18 16:10:21 +00:00
6e740bb8f6
- updated to 0.6.21 * Fixed some buffer overflows in exif_entry_format_value() This fixes CVE-2012-2814. Reported by Mateusz Jurczyk of Google Security Team * Fixed an off-by-one error in exif_convert_utf16_to_utf8() This can cause a one-byte NUL write past the end of the buffer. This fixes CVE-2012-2840 * Don't read past the end of a tag when converting from UTF-16 This fixes CVE-2012-2813. Reported by Mateusz Jurczyk of Google Security Team * Fixed an out of bounds read on corrupted input The EXIF_TAG_COPYRIGHT tag ought to be, but perhaps is not, NUL-terminated. This fixes CVE-2012-2812. Reported by Mateusz Jurczyk of Google Security Team * Fixed a buffer overflow problem in exif_entry_get_value If the application passed in a buffer length of 0, then it would be treated as the buffer had unlimited length. This fixes CVE-2012-2841 * Fix a buffer overflow on corrupt EXIF data. This fixes bug #3434540 and fixes part of CVE-2012-2836 Reported by Yunho Kim * Fix a buffer overflow on corrupted JPEG data An unsigned data length might wrap around when decremented below zero, bypassing sanity checks on length. This code path can probably only occur if exif_data_load_data() is called directly by the application on data that wasn't parsed by libexif itself. This solves the other part of CVE-2012-2836 * Fixed some possible division-by-zeros in Olympus-style makernotes
Marcus Meissner2012-07-12 20:04:02 +00:00
9c3fc0fbb7
- updated to 0.6.21 * Fixed some buffer overflows in exif_entry_format_value() This fixes CVE-2012-2814. Reported by Mateusz Jurczyk of Google Security Team * Fixed an off-by-one error in exif_convert_utf16_to_utf8() This can cause a one-byte NUL write past the end of the buffer. This fixes CVE-2012-2840 * Don't read past the end of a tag when converting from UTF-16 This fixes CVE-2012-2813. Reported by Mateusz Jurczyk of Google Security Team * Fixed an out of bounds read on corrupted input The EXIF_TAG_COPYRIGHT tag ought to be, but perhaps is not, NUL-terminated. This fixes CVE-2012-2812. Reported by Mateusz Jurczyk of Google Security Team * Fixed a buffer overflow problem in exif_entry_get_value If the application passed in a buffer length of 0, then it would be treated as the buffer had unlimited length. This fixes CVE-2012-2841 * Fix a buffer overflow on corrupt EXIF data. This fixes bug #3434540 and fixes part of CVE-2012-2836 Reported by Yunho Kim * Fix a buffer overflow on corrupted JPEG data An unsigned data length might wrap around when decremented below zero, bypassing sanity checks on length. This code path can probably only occur if exif_data_load_data() is called directly by the application on data that wasn't parsed by libexif itself. This solves the other part of CVE-2012-2836 * Fixed some possible division-by-zeros in Olympus-style makernotes
Marcus Meissner2012-07-12 20:04:02 +00:00
d050272465
replace license with spdx.org variant
Stephan Kulow
2011-12-06 17:23:24 +00:00
1af442ae5b
replace license with spdx.org variant
Stephan Kulow
2011-12-06 17:23:24 +00:00
a21818eac8
Autobuild autoformatter for 56705
Ruediger Oertel
2010-12-28 23:16:04 +00:00
2b7c860b5b
Autobuild autoformatter for 56705
Ruediger Oertel
2010-12-28 23:16:04 +00:00
bae23eef78
- updated to 0.6.20 * New translations: bs, tr * Updated translations: be, cs, da, de, en_GB, en_CA, it, ja, nl, pl, pt_BR, pt, ru, sk, sq, sr, sv, vi, zh_CN * Fixed some problems in the write-exif.c example program * Stop listing -lm as a required library for dynamic linking in libexif.pc * Turned on the --enable-silent-rules configure option * Changed a lot of strings to make the case of the text more consistent * exif_entry_dump() now displays the correct tag name for GPS tags * Fixed some invalid format specifiers that caused problems on some platforms * Display rational numbers with the right number of significant figures - remove "la" files * Enhanced support of Canon and Olympus makernotes - fixed endless loop problem in exif_content_remove_entry() - rpmlint fixes
Marcus Meissner2010-12-17 14:43:21 +00:00
94f1fbe937
- updated to 0.6.20 * New translations: bs, tr * Updated translations: be, cs, da, de, en_GB, en_CA, it, ja, nl, pl, pt_BR, pt, ru, sk, sq, sr, sv, vi, zh_CN * Fixed some problems in the write-exif.c example program * Stop listing -lm as a required library for dynamic linking in libexif.pc * Turned on the --enable-silent-rules configure option * Changed a lot of strings to make the case of the text more consistent * exif_entry_dump() now displays the correct tag name for GPS tags * Fixed some invalid format specifiers that caused problems on some platforms * Display rational numbers with the right number of significant figures - remove "la" files * Enhanced support of Canon and Olympus makernotes - fixed endless loop problem in exif_content_remove_entry() - rpmlint fixes
Marcus Meissner2010-12-17 14:43:21 +00:00
6cfe02b0fe
Accepting request 38661 from graphics
OBS User autobuild
2010-04-24 09:58:08 +00:00
52e5f4e246
Accepting request 38661 from graphics
OBS User autobuild
2010-04-24 09:58:08 +00:00
5634190c9c
Accepting request 38658 from home:coolo:branches:openSUSE:Factory
Stephan Kulow
2010-04-24 09:51:03 +00:00
a3126e7400
Accepting request 38658 from home:coolo:branches:openSUSE:Factory
Stephan Kulow
2010-04-24 09:51:03 +00:00
05138eed7a
Updating link to change in openSUSE:Factory/libexif revision 21.0
OBS User buildservice-autocommit
2010-03-18 15:02:38 +00:00
f9e7848148
Accepting request 38661 from graphics
OBS User autobuild
2010-04-24 09:58:09 +00:00
8ef7d17ad1
Updating link to change in openSUSE:Factory/libexif revision 21.0
OBS User buildservice-autocommit
2010-03-18 15:02:38 +00:00
c008bb6961
Accepting request 38661 from graphics
OBS User autobuild
2010-04-24 09:58:09 +00:00
Ana Guerrero
Marcus Meissner
Dominique Leuenberger
Yuchen Lin
Ismail Dönmez
Stephan Kulow
Dirk Stoecker
OBS User mrdocs
Ruediger Oertel
Lars Vogdt