Adolf Belka e8ed38e875 libexif: Update to version 0.6.24 ...

- Update from version 0.6.22 to 0.6.24
- Update of rootfile not required
- source file no longer provided in xz format - changed to bz2
- Changelog (Two CVE's fixed in 0.6.23)
    libexif-0.6.24 (2021-11-25):
	   * Translation updates: sr, vi, pl, uk, french
	   * fixed regression in exif_data_load_data which could not load EXIF in JPEG data anymore
	   * Decode lots of Canon tag names
	   * removed empty strings from translation (empty string would translate to the PO info header)
	   * various warning removals and code improvements
	   * added sample "persistent" afl fuzzer (100x faster than normal afl fuzzer)
    libexif-0.6.23 (2021-09-12):
	  * Translation updates: es, pl, uk, fr
	  * EXIF_TAG_SENSITIVITY_TYPE decoder added, added some more Exif 2.3 tags:
	    - EXIF_TAG_STANDARD_OUTPUT_SENSITIVITY
	    - EXIF_TAG_RECOMMENDED_EXPOSURE_INDEX
	    - EXIF_TAG_ISO_SPEED
	    - EXIF_TAG_ISO_SPEEDLatitudeYYY
	    - EXIF_TAG_ISO_SPEEDLatitudeZZZ
	    - EXIF_TAG_OFFSET_TIME
	    - EXIF_TAG_OFFSET_TIME_ORIGINAL
	    - EXIF_TAG_OFFSET_TIME_DIGITIZED
	    - EXIF_TAG_IMAGE_DEPTH
	  * be more relaxed to out of order JPG / EXIF dataheaders in files generated by some tools
	  * default GPS IFD table added
	  * Decode more Nikon Makernote tag names
	  * Added Apple iOS Makernote
	  * Security fixes:
	    * CVE-2020-0198: unsigned integer overflow in exif_data_load_data_content
	    * CVE-2020-0452: compiler optimization could remove an a
	      bufferoverflow check, making a buffer overflow possible with some
	      EXIF tags
	    * some more denial of service (compute time or stack exhaustion) counter-measures
	      added that avoid minutes of decoding time with malformed files found
	      by OSS-Fuzz

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>

2022-12-27 16:26:45 +00:00

3.3 KiB

Raw Permalink Blame History

View Raw