Debian セキュリティ勧告
DSA-1310-1 libexif -- 整数オーバフロー
- 報告日時:
- 2007-06-16
- 影響を受けるパッケージ:
- libexif
- 危険性:
- あり
- 参考セキュリティデータベース:
- Debian バグ追跡システム: バグ 424775.
Mitre の CVE 辞書: CVE-2006-4168. - 詳細:
-
脆弱性が EXIF ファイルを解析するライブラリ libexif に発見されました。サービス拒否を許し、異常な EXIF データを経由して任意のコードを実行する可能性があります。
旧安定版 (stable) ディストリビューション (sarge) では、この問題はバージョン 0.6.9-6sarge1 で修正されています。
安定版 (stable) ディストリビューション (etch) では、この問題はバージョン 0.6.13-5etch1 で修正されています。
直ちに libexif パッケージをアップグレードすることを勧めます。
- 修正:
-
Debian GNU/Linux 3.1 (oldstable)
- ソース:
- http://security.debian.org/pool/updates/main/libe/libexif/libexif_0.6.9-6sarge1.diff.gz
Size/MD5 checksum: 4786 7f1c3acc1bd7a5cbba3d5902243641f3- http://security.debian.org/pool/updates/main/libe/libexif/libexif_0.6.9-6sarge1.dsc
Size/MD5 checksum: 591 42d25baee97586f3ea1498a8f48ccf4a- http://security.debian.org/pool/updates/main/libe/libexif/libexif_0.6.9.orig.tar.gz
Size/MD5 checksum: 520956 0aa142335a8a00c32bb6c7dbfe95fc24 - http://security.debian.org/pool/updates/main/libe/libexif/libexif_0.6.9-6sarge1.dsc
- Alpha:
- http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_alpha.deb
Size/MD5 checksum: 87472 b89fd309bcdbffe922868fdc94ae3995- http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_alpha.deb
Size/MD5 checksum: 87512 dfe1e955fa930314229d7bb60e3ff836 - http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_alpha.deb
- AMD64:
- http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_amd64.deb
Size/MD5 checksum: 82032 4c5f701021eb2000bc3ef6f883567ce2- http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_amd64.deb
Size/MD5 checksum: 67686 16b056d71ca768c86008dcee30866f60 - http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_amd64.deb
- ARM:
- http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_arm.deb
Size/MD5 checksum: 77166 2aa58aba802cace8d19c69bde064353f- http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_arm.deb
Size/MD5 checksum: 63856 c4d53b9592202e1fdd33488fd60c6d34 - http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_arm.deb
- HP Precision:
- http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_hppa.deb
Size/MD5 checksum: 72520 ee8e668619021e6b7835008ff995b7d9- http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_hppa.deb
Size/MD5 checksum: 87552 98de1cc25069f89469b2d27163f5899b - http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_hppa.deb
- Intel IA-32:
- http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_i386.deb
Size/MD5 checksum: 81852 c160054570be46b37aea3eab9b4eaccb- http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_i386.deb
Size/MD5 checksum: 67106 d068596d9648d1ce07eab1cc960cc64c - http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_i386.deb
- Intel IA-64:
- http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_ia64.deb
Size/MD5 checksum: 84206 0246ab59dabd154efd976ff66bc92f41- http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_ia64.deb
Size/MD5 checksum: 95380 154b1660da3aa9de555d2a01771069f6 - http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_ia64.deb
- Motorola 680x0:
- http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_m68k.deb
Size/MD5 checksum: 79144 d4efcd6b0d598fbdb5f63a8737f49964- http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_m68k.deb
Size/MD5 checksum: 57968 d746fafbc55a58c83920a6630b416365 - http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_m68k.deb
- Big-endian MIPS:
- http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_mips.deb
Size/MD5 checksum: 68116 231d9384f29995322dca3d138aa0bd41- http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_mips.deb
Size/MD5 checksum: 77876 d245ced8cef61e9b29c01891fb28be83 - http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_mips.deb
- Little-endian MIPS:
- http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_mipsel.deb
Size/MD5 checksum: 77066 a803eeb2551df736a9ad6bfbcd4aec5d- http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_mipsel.deb
Size/MD5 checksum: 67570 a4962d489742e261878d1e76072de447 - http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_mipsel.deb
- IBM S/390:
- http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_s390.deb
Size/MD5 checksum: 69688 921fe72654e3fb1d8f43dc40c67f2196- http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_s390.deb
Size/MD5 checksum: 82194 e452ad17bc755a7896789d72ba6a19ef - http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_s390.deb
- Sun Sparc:
- http://security.debian.org/pool/updates/main/libe/libexif/libexif10_0.6.9-6sarge1_sparc.deb
Size/MD5 checksum: 80210 5af15c3f4ba80c2349b22e31fdace319- http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_sparc.deb
Size/MD5 checksum: 66224 eff51355ec2cc7ad61a8cafd51b7827d - http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.9-6sarge1_sparc.deb
Debian GNU/Linux 4.0 (stable)
- ソース:
- http://security.debian.org/pool/updates/main/libe/libexif/libexif_0.6.13-5etch1.dsc
Size/MD5 checksum: 611 1ef82262d96e0b157f7ee74bfad7cf1f- http://security.debian.org/pool/updates/main/libe/libexif/libexif_0.6.13.orig.tar.gz
Size/MD5 checksum: 727418 e5ad93c170bfb4fed6dc3e1c7a7948cb- http://security.debian.org/pool/updates/main/libe/libexif/libexif_0.6.13-5etch1.diff.gz
Size/MD5 checksum: 9163 476ae8f1ef4103144ca0f3ea59e88ca4 - http://security.debian.org/pool/updates/main/libe/libexif/libexif_0.6.13.orig.tar.gz
- Alpha:
- http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_alpha.deb
Size/MD5 checksum: 1067984 e5c33b25fd459761ea2d19d9142b5cdf- http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_alpha.deb
Size/MD5 checksum: 148336 88bc8cc66ad78ddf4b096015148dba82 - http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_alpha.deb
- AMD64:
- http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_amd64.deb
Size/MD5 checksum: 142954 ceeccbe1112250949070f1c06b78536c- http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_amd64.deb
Size/MD5 checksum: 1044550 b55daeeb41735e7f3024d68186643805 - http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_amd64.deb
- ARM:
- http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_arm.deb
Size/MD5 checksum: 997646 18411c1a63d5d4e537992140cbdf7721- http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_arm.deb
Size/MD5 checksum: 135988 1195dbf898c9550590a2a76b327a4eb4 - http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_arm.deb
- HP Precision:
- http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_hppa.deb
Size/MD5 checksum: 147200 dece4fe67839197f3f4cbac78aec2a43- http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_hppa.deb
Size/MD5 checksum: 1013194 6de2cec24dffdeffa1abf69175d48962 - http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_hppa.deb
- Intel IA-32:
- http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_i386.deb
Size/MD5 checksum: 998686 19d1987a4222f5da26521ba96dbf20cf- http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_i386.deb
Size/MD5 checksum: 139954 73713093a5b8e423284e7bc5bd55a120 - http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_i386.deb
- Intel IA-64:
- http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_ia64.deb
Size/MD5 checksum: 159424 f1a821774f55ffc4e1aa1238d05835e3- http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_ia64.deb
Size/MD5 checksum: 1028554 c599bc392ff53a2f1b8da9d0270dd6b1 - http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_ia64.deb
- Big-endian MIPS:
- http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_mips.deb
Size/MD5 checksum: 136666 42403f5fe88c1608fbd99e24b0fba51a- http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_mips.deb
Size/MD5 checksum: 1008580 24c2d6980675f456a8771b665ea43b75 - http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_mips.deb
- Little-endian MIPS:
- http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_mipsel.deb
Size/MD5 checksum: 136120 fea308e90afe74d83dbc00d800d08a3d- http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_mipsel.deb
Size/MD5 checksum: 1008154 6c88505ee31716eb604d1d1ccdbf33f0 - http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_mipsel.deb
- PowerPC:
- http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_powerpc.deb
Size/MD5 checksum: 1005486 997bbd5a30ba6012c8394df7bd95d095- http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_powerpc.deb
Size/MD5 checksum: 138166 41e221f883a8eac1f080068e71633f1e - http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_powerpc.deb
- IBM S/390:
- http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_s390.deb
Size/MD5 checksum: 1007740 9aa83ad28b7b41d0c4121f0084a0650e- http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_s390.deb
Size/MD5 checksum: 143518 4f99aa499f2d4d620a4f21709d2035f7 - http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_s390.deb
- Sun Sparc:
- http://security.debian.org/pool/updates/main/libe/libexif/libexif-dev_0.6.13-5etch1_sparc.deb
Size/MD5 checksum: 1002722 c869b8a61874428e206f01b5e67fbb1b- http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_sparc.deb
Size/MD5 checksum: 138310 13569b4111b772a4a2be29727dd21d2d - http://security.debian.org/pool/updates/main/libe/libexif/libexif12_0.6.13-5etch1_sparc.deb
一覧にあるファイルの MD5 チェックサムは勧告の原文にあります。
一覧にあるファイルの MD5 チェックサムは勧告の原文にあります。