| Revision Date: | 2005-03-21 | Version: | 502 |
| Title: | RHSA-2005:300: libexif security update (Low) |
| Description: | The libexif package contains the EXIF library. Applications use this library to parse EXIF image files.
A bug was found in the way libexif parses EXIF tags. An attacker could create a carefully crafted EXIF image file which could cause image viewers linked against libexif to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0664 to this issue.
Users of libexif should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue.
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | CVE-2005-0664
RHSA-2005:300-01
|
| Platform(s): | Red Hat Enterprise Linux 4
| Product(s): | |
| Definition Synopsis |
| Red Hat Enterprise Linux 4 is installed AND Package Information
libexif-devel is earlier than 0:0.5.12-5.1
AND libexif-devel is signed with Red Hat master key
OR
libexif is earlier than 0:0.5.12-5.1
AND libexif is signed with Red Hat master key
|