touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #63422
[Bug 1433806] [NEW] Sync exiv2 0.24-4.1 (main) from Debian unstable (main)
Public bug reported:
Please sync exiv2 0.24-4.1 (main) from Debian unstable (main)
Explanation of the Ubuntu delta and why it can be dropped:
* SECURITY UPDATE: denial of service via buffer overflow
- debian/patches/CVE-2014-9449.patch: fix overflow in
src/riffvideo.cpp.
- CVE-2014-9449
CVE-2014-9449 is already fixed in Debian.
Changelog entries since current vivid version 0.24-4ubuntu1:
exiv2 (0.24-4.1) unstable; urgency=medium
* Non-maintainer upload.
* Add CVE-2014-9449.patch patch.
CVE-2014-9449: buffer overflow in RiffVideo::infoTagsHandler
Thanks to Klaus Ethgen <Klaus@xxxxxxxxx> (Closes: #773846)
-- Salvatore Bonaccorso <carnil@xxxxxxxxxx> Wed, 07 Jan 2015 20:25:48
+0100
** Affects: exiv2 (Ubuntu)
Importance: Wishlist
Status: New
** Changed in: exiv2 (Ubuntu)
Importance: Undecided => Wishlist
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to exiv2 in Ubuntu.
https://bugs.launchpad.net/bugs/1433806
Title:
Sync exiv2 0.24-4.1 (main) from Debian unstable (main)
Status in exiv2 package in Ubuntu:
New
Bug description:
Please sync exiv2 0.24-4.1 (main) from Debian unstable (main)
Explanation of the Ubuntu delta and why it can be dropped:
* SECURITY UPDATE: denial of service via buffer overflow
- debian/patches/CVE-2014-9449.patch: fix overflow in
src/riffvideo.cpp.
- CVE-2014-9449
CVE-2014-9449 is already fixed in Debian.
Changelog entries since current vivid version 0.24-4ubuntu1:
exiv2 (0.24-4.1) unstable; urgency=medium
* Non-maintainer upload.
* Add CVE-2014-9449.patch patch.
CVE-2014-9449: buffer overflow in RiffVideo::infoTagsHandler
Thanks to Klaus Ethgen <Klaus@xxxxxxxxx> (Closes: #773846)
-- Salvatore Bonaccorso <carnil@xxxxxxxxxx> Wed, 07 Jan 2015
20:25:48 +0100
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/exiv2/+bug/1433806/+subscriptions
Follow ups
References