Bulletin d'alerte Debian

DSA-1310-1 libexif -- Débordement d'entier

Date du rapport :
16 juin 2007
Paquets concernés :
libexif
Vulnérabilité :
Oui
Références dans la base de données de sécurité :
Dans le système de suivi des bogues Debian : Bogue 424775.
Dans le dictionnaire CVE du Mitre : CVE-2006-4168.
Plus de précisions :

Une vulnérabilité a été découverte dans libexif, une bibliothèque d'analyse des fichiers EXIF ; cela permet un déni de service et une possible exécution de code arbitraire via des données EXIF mal formées.

Pour l'ancienne distribution stable (Sarge), ce problème a été corrigé dans la version 0.6.9-6sarge1.

Pour la distribution stable (Etch), ce problème a été corrigé dans la version 0.6.13-5etch1.

Nous vous recommandons de mettre à jour votre paquet libexif.

Corrigé dans :

Debian GNU/Linux 3.1 (oldstable)

Source :
http://security.debian.org/pool/updates/main/libe/libexif/libexif_0.6.9-6sarge1.diff.gz
Size/MD5 checksum: 4786 7f1c3acc1bd7a5cbba3d5902243641f3
http://security.debian.org/pool/updates/main/libe/libexif/libexif_0.6.9-6sarge1.dsc
Size/MD5 checksum: 591 42d25baee97586f3ea1498a8f48ccf4a
http://security.debian.org/pool/updates/main/libe/libexif/libexif_0.6.9.orig.tar.gz
Size/MD5 checksum: 520956 0aa142335a8a00c32bb6c7dbfe95fc24
Alpha:
http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_alpha.deb
Size/MD5 checksum: 87472 b89fd309bcdbffe922868fdc94ae3995
http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_alpha.deb
Size/MD5 checksum: 87512 dfe1e955fa930314229d7bb60e3ff836
AMD64:
http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_amd64.deb
Size/MD5 checksum: 82032 4c5f701021eb2000bc3ef6f883567ce2
http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_amd64.deb
Size/MD5 checksum: 67686 16b056d71ca768c86008dcee30866f60
ARM:
http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_arm.deb
Size/MD5 checksum: 77166 2aa58aba802cace8d19c69bde064353f
http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_arm.deb
Size/MD5 checksum: 63856 c4d53b9592202e1fdd33488fd60c6d34
HP Precision:
http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_hppa.deb
Size/MD5 checksum: 72520 ee8e668619021e6b7835008ff995b7d9
http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_hppa.deb
Size/MD5 checksum: 87552 98de1cc25069f89469b2d27163f5899b
Intel IA-32:
http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_i386.deb
Size/MD5 checksum: 81852 c160054570be46b37aea3eab9b4eaccb
http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_i386.deb
Size/MD5 checksum: 67106 d068596d9648d1ce07eab1cc960cc64c
Intel IA-64:
http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_ia64.deb
Size/MD5 checksum: 84206 0246ab59dabd154efd976ff66bc92f41
http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_ia64.deb
Size/MD5 checksum: 95380 154b1660da3aa9de555d2a01771069f6
Motorola 680x0:
http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_m68k.deb
Size/MD5 checksum: 79144 d4efcd6b0d598fbdb5f63a8737f49964
http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_m68k.deb
Size/MD5 checksum: 57968 d746fafbc55a58c83920a6630b416365
Big-endian MIPS:
http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_mips.deb
Size/MD5 checksum: 68116 231d9384f29995322dca3d138aa0bd41
http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_mips.deb
Size/MD5 checksum: 77876 d245ced8cef61e9b29c01891fb28be83
Little-endian MIPS:
http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_mipsel.deb
Size/MD5 checksum: 77066 a803eeb2551df736a9ad6bfbcd4aec5d
http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_mipsel.deb
Size/MD5 checksum: 67570 a4962d489742e261878d1e76072de447
IBM S/390:
http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_s390.deb
Size/MD5 checksum: 69688 921fe72654e3fb1d8f43dc40c67f2196
http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_s390.deb
Size/MD5 checksum: 82194 e452ad17bc755a7896789d72ba6a19ef
Sun Sparc:
http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_sparc.deb
Size/MD5 checksum: 80210 5af15c3f4ba80c2349b22e31fdace319
http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_sparc.deb
Size/MD5 checksum: 66224 eff51355ec2cc7ad61a8cafd51b7827d

Debian GNU/Linux 4.0 (stable)

Source :
http://security.debian.org/pool/updates/main/libe/libexif/libexif_0.6.13-5etch1.dsc
Size/MD5 checksum: 611 1ef82262d96e0b157f7ee74bfad7cf1f
http://security.debian.org/pool/updates/main/libe/libexif/libexif_0.6.13.orig.tar.gz
Size/MD5 checksum: 727418 e5ad93c170bfb4fed6dc3e1c7a7948cb
http://security.debian.org/pool/updates/main/libe/libexif/libexif_0.6.13-5etch1.diff.gz
Size/MD5 checksum: 9163 476ae8f1ef4103144ca0f3ea59e88ca4
Alpha:
http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_alpha.deb
Size/MD5 checksum: 1067984 e5c33b25fd459761ea2d19d9142b5cdf
http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_alpha.deb
Size/MD5 checksum: 148336 88bc8cc66ad78ddf4b096015148dba82
AMD64:
http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_amd64.deb
Size/MD5 checksum: 142954 ceeccbe1112250949070f1c06b78536c
http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_amd64.deb
Size/MD5 checksum: 1044550 b55daeeb41735e7f3024d68186643805
ARM:
http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_arm.deb
Size/MD5 checksum: 997646 18411c1a63d5d4e537992140cbdf7721
http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_arm.deb
Size/MD5 checksum: 135988 1195dbf898c9550590a2a76b327a4eb4
HP Precision:
http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_hppa.deb
Size/MD5 checksum: 147200 dece4fe67839197f3f4cbac78aec2a43
http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_hppa.deb
Size/MD5 checksum: 1013194 6de2cec24dffdeffa1abf69175d48962
Intel IA-32:
http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_i386.deb
Size/MD5 checksum: 998686 19d1987a4222f5da26521ba96dbf20cf
http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_i386.deb
Size/MD5 checksum: 139954 73713093a5b8e423284e7bc5bd55a120
Intel IA-64:
http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_ia64.deb
Size/MD5 checksum: 159424 f1a821774f55ffc4e1aa1238d05835e3
http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_ia64.deb
Size/MD5 checksum: 1028554 c599bc392ff53a2f1b8da9d0270dd6b1
Big-endian MIPS:
http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_mips.deb
Size/MD5 checksum: 136666 42403f5fe88c1608fbd99e24b0fba51a
http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_mips.deb
Size/MD5 checksum: 1008580 24c2d6980675f456a8771b665ea43b75
Little-endian MIPS:
http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_mipsel.deb
Size/MD5 checksum: 136120 fea308e90afe74d83dbc00d800d08a3d
http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_mipsel.deb
Size/MD5 checksum: 1008154 6c88505ee31716eb604d1d1ccdbf33f0
PowerPC:
http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_powerpc.deb
Size/MD5 checksum: 1005486 997bbd5a30ba6012c8394df7bd95d095
http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_powerpc.deb
Size/MD5 checksum: 138166 41e221f883a8eac1f080068e71633f1e
IBM S/390:
http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_s390.deb
Size/MD5 checksum: 1007740 9aa83ad28b7b41d0c4121f0084a0650e
http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_s390.deb
Size/MD5 checksum: 143518 4f99aa499f2d4d620a4f21709d2035f7
Sun Sparc:
http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_sparc.deb
Size/MD5 checksum: 1002722 c869b8a61874428e206f01b5e67fbb1b
http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_sparc.deb
Size/MD5 checksum: 138310 13569b4111b772a4a2be29727dd21d2d

Les sommes MD5 des fichiers indiqués sont disponibles sur la page originale de l'alerte de sécurité.

Les sommes MD5 des fichiers indiqués sont disponibles sur la page originale de l'alerte de sécurité.