Skip to navigation

Security Advisory Moderate: libexif security update

Advisory: RHSA-2012:1255-1
Type: Security Advisory
Severity: Moderate
Issued on: 2012-09-11
Last updated on: 2012-09-11
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server EUS (v. 6.3.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2012-2812
CVE-2012-2813
CVE-2012-2814
CVE-2012-2836
CVE-2012-2837
CVE-2012-2840
CVE-2012-2841

Details

Updated libexif packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

The libexif packages provide an Exchangeable image file format (Exif)
library. Exif allows metadata to be added to and read from certain types
of image files.

Multiple flaws were found in the way libexif processed Exif tags. An
attacker could create a specially-crafted image file that, when opened in
an application linked against libexif, could cause the application to
crash or, potentially, execute arbitrary code with the privileges of the
user running the application. (CVE-2012-2812, CVE-2012-2813, CVE-2012-2814,
CVE-2012-2836, CVE-2012-2837, CVE-2012-2840, CVE-2012-2841)

Red Hat would like to thank Dan Fandrich for reporting these issues.
Upstream acknowledges Mateusz Jurczyk of the Google Security Team as the
original reporter of CVE-2012-2812, CVE-2012-2813, and CVE-2012-2814; and
Yunho Kim as the original reporter of CVE-2012-2836 and CVE-2012-2837.

Users of libexif are advised to upgrade to these updated packages, which
contain backported patches to resolve these issues. All running
applications linked against libexif must be restarted for the update to
take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
libexif-0.6.21-1.el5_8.src.rpm     MD5: 2b84fa47285e0371bb3d5d638bd8dfae
SHA-256: 1611af6a8c7fc6db4a0eb21cac3f7d22e8fc3c7fb9e65edc96bb9de828984dd1
 
IA-32:
libexif-debuginfo-0.6.21-1.el5_8.i386.rpm     MD5: 64aaee01994328cc07022b812a6ff57b
SHA-256: 70bf3ab6236869f5c68114f21de0a0516d6da67de3e728cfb3f20687f1edf913
libexif-devel-0.6.21-1.el5_8.i386.rpm     MD5: a6c9441e7dc4908efdcd3c3db48d2f0b
SHA-256: 8a12bf72efa8e3e9b602fb7df1021b8c4d46e2657d49000bc3d8fabeb37b9919
 
x86_64:
libexif-debuginfo-0.6.21-1.el5_8.i386.rpm     MD5: 64aaee01994328cc07022b812a6ff57b
SHA-256: 70bf3ab6236869f5c68114f21de0a0516d6da67de3e728cfb3f20687f1edf913
libexif-debuginfo-0.6.21-1.el5_8.x86_64.rpm     MD5: 93bea12ce0d536758f770f4946a329cc
SHA-256: 3a4ffa2793c622dd89499efd256b5681de393c2a758f4ad2fc5d5146a289b367
libexif-devel-0.6.21-1.el5_8.i386.rpm     MD5: a6c9441e7dc4908efdcd3c3db48d2f0b
SHA-256: 8a12bf72efa8e3e9b602fb7df1021b8c4d46e2657d49000bc3d8fabeb37b9919
libexif-devel-0.6.21-1.el5_8.x86_64.rpm     MD5: 15e224109eb4caf362895de371ddf790
SHA-256: 1fc4ab13a8e615e0e8182ec5476c85677426118694f03a8825faef7cfa257688
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
libexif-0.6.21-1.el5_8.src.rpm     MD5: 2b84fa47285e0371bb3d5d638bd8dfae
SHA-256: 1611af6a8c7fc6db4a0eb21cac3f7d22e8fc3c7fb9e65edc96bb9de828984dd1
 
IA-32:
libexif-0.6.21-1.el5_8.i386.rpm     MD5: 3ade25525a3ac4c56ba8287e2ebf61d8
SHA-256: ec66fe38bc7c0c8307a9c910e725d69033e3cc9e11407963fdb6fa464ef3fb0e
libexif-debuginfo-0.6.21-1.el5_8.i386.rpm     MD5: 64aaee01994328cc07022b812a6ff57b
SHA-256: 70bf3ab6236869f5c68114f21de0a0516d6da67de3e728cfb3f20687f1edf913
libexif-devel-0.6.21-1.el5_8.i386.rpm     MD5: a6c9441e7dc4908efdcd3c3db48d2f0b
SHA-256: 8a12bf72efa8e3e9b602fb7df1021b8c4d46e2657d49000bc3d8fabeb37b9919
 
IA-64:
libexif-0.6.21-1.el5_8.ia64.rpm     MD5: 0aede6ac62e250165cc7efc93fc0a562
SHA-256: 4591f8927f2e2f92fd8a6949570d839a888b58ae2dde4816008b1ec720dfd64d
libexif-debuginfo-0.6.21-1.el5_8.ia64.rpm     MD5: e9228fc34b57c19931dd131c7b42ab24
SHA-256: 6a85a4afea7ff33804f4a1a5d6d5a6c48b4d9c2311f0717e4da899ee742dd8f2
libexif-devel-0.6.21-1.el5_8.ia64.rpm     MD5: e525ec528bb0debdcd61d4e3a889cd4f
SHA-256: a3abd5fa39b4d60d68a1b35800d05e647e7d4706414b65bf3f9f430b60d585f2
 
PPC:
libexif-0.6.21-1.el5_8.ppc.rpm     MD5: dbfb5ebd0ce62b4735e5c324102c0284
SHA-256: 2d964970d1f90664da8e5aa1e821e5e8821f7205effad475bf5a2486bb4de6eb
libexif-0.6.21-1.el5_8.ppc64.rpm     MD5: e848fd03471b639dda98b1c1c084f3e1
SHA-256: 38188f76d9fdf6f0204a4486fbf06702ee41307f11a3605c44f4e24de9f1de66
libexif-debuginfo-0.6.21-1.el5_8.ppc.rpm     MD5: a8682a7128c18fba7a99f3be6f7de702
SHA-256: 4744bb4b9933d8f33a6275cf119f84e258f902a7ceb5ad7134e5e3d565e5779a
libexif-debuginfo-0.6.21-1.el5_8.ppc64.rpm     MD5: 70339738d12f04ce072da126e8c88eba
SHA-256: b496b47ff0644294c410bce78f5a127bb3a4bb8727508b1c4e92f792a2a3120f
libexif-devel-0.6.21-1.el5_8.ppc.rpm     MD5: 0f68aeb78c0b9ea31b41b17ee2bca21e
SHA-256: 5c03bd5fdeac90133ebb0d2aa60e3c22f15b695c5c23cccf1b799b01b5ce3ab9
libexif-devel-0.6.21-1.el5_8.ppc64.rpm     MD5: dc9605bce04ba6dba376a348655a5f79
SHA-256: 7cfee045ed0e46ff62156c13b9c89d6f34bc7b2c7f6239ca8718bf8d3bb15247
 
s390x:
libexif-0.6.21-1.el5_8.s390.rpm     MD5: ec95e8c93d51f6f56cb5af3eb32d645f
SHA-256: 3a5845272a3987b1583668618417359c96a9acf713e92c7130e904e1db951468
libexif-0.6.21-1.el5_8.s390x.rpm     MD5: e61c758fb2d987266fd485e8447111b4
SHA-256: 6e6b6f6f300c85cdbb21a8e10cea9c7c0af0fbc6a0a7c7e8152fa08161288b77
libexif-debuginfo-0.6.21-1.el5_8.s390.rpm     MD5: f6b923358cc688e658ca238ee69ac61a
SHA-256: eef3c5e7bbe24dc6fa16c4f493767525c14c0b71d08b661116b21790b2b83571
libexif-debuginfo-0.6.21-1.el5_8.s390x.rpm     MD5: b6345bec456ecd2bc5ca5c1597e241b9
SHA-256: d85bfe7bace4c91957935846e130b4d6cbfd50205ad4db8bee14d8201a83af4d
libexif-devel-0.6.21-1.el5_8.s390.rpm     MD5: cb51f6404bd5c0443d8c691d81b3269f
SHA-256: 64836b6aa8fbe959cc56ca2316346b5ecb6e4c71bea087f61794d6700da26ed5
libexif-devel-0.6.21-1.el5_8.s390x.rpm     MD5: 45db7e419dfa034f622e274c8234b3e8
SHA-256: a751cd5ad4da6d640b7b946180407e09880fe2f1e3f71752e8d99c8c9259fd3e
 
x86_64:
libexif-0.6.21-1.el5_8.i386.rpm     MD5: 3ade25525a3ac4c56ba8287e2ebf61d8
SHA-256: ec66fe38bc7c0c8307a9c910e725d69033e3cc9e11407963fdb6fa464ef3fb0e
libexif-0.6.21-1.el5_8.x86_64.rpm     MD5: 24421e5f2be4492584d1b50ff6d3f090
SHA-256: 40112969f8427310aa98d618975a482419207c7d3106299e4ebbd00affcb8084
libexif-debuginfo-0.6.21-1.el5_8.i386.rpm     MD5: 64aaee01994328cc07022b812a6ff57b
SHA-256: 70bf3ab6236869f5c68114f21de0a0516d6da67de3e728cfb3f20687f1edf913
libexif-debuginfo-0.6.21-1.el5_8.x86_64.rpm     MD5: 93bea12ce0d536758f770f4946a329cc
SHA-256: 3a4ffa2793c622dd89499efd256b5681de393c2a758f4ad2fc5d5146a289b367
libexif-devel-0.6.21-1.el5_8.i386.rpm     MD5: a6c9441e7dc4908efdcd3c3db48d2f0b
SHA-256: 8a12bf72efa8e3e9b602fb7df1021b8c4d46e2657d49000bc3d8fabeb37b9919
libexif-devel-0.6.21-1.el5_8.x86_64.rpm     MD5: 15e224109eb4caf362895de371ddf790
SHA-256: 1fc4ab13a8e615e0e8182ec5476c85677426118694f03a8825faef7cfa257688
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
libexif-0.6.21-1.el5_8.src.rpm     MD5: 2b84fa47285e0371bb3d5d638bd8dfae
SHA-256: 1611af6a8c7fc6db4a0eb21cac3f7d22e8fc3c7fb9e65edc96bb9de828984dd1
 
IA-32:
libexif-0.6.21-1.el5_8.i386.rpm     MD5: 3ade25525a3ac4c56ba8287e2ebf61d8
SHA-256: ec66fe38bc7c0c8307a9c910e725d69033e3cc9e11407963fdb6fa464ef3fb0e
libexif-debuginfo-0.6.21-1.el5_8.i386.rpm     MD5: 64aaee01994328cc07022b812a6ff57b
SHA-256: 70bf3ab6236869f5c68114f21de0a0516d6da67de3e728cfb3f20687f1edf913
 
x86_64:
libexif-0.6.21-1.el5_8.i386.rpm     MD5: 3ade25525a3ac4c56ba8287e2ebf61d8
SHA-256: ec66fe38bc7c0c8307a9c910e725d69033e3cc9e11407963fdb6fa464ef3fb0e
libexif-0.6.21-1.el5_8.x86_64.rpm     MD5: 24421e5f2be4492584d1b50ff6d3f090
SHA-256: 40112969f8427310aa98d618975a482419207c7d3106299e4ebbd00affcb8084
libexif-debuginfo-0.6.21-1.el5_8.i386.rpm     MD5: 64aaee01994328cc07022b812a6ff57b
SHA-256: 70bf3ab6236869f5c68114f21de0a0516d6da67de3e728cfb3f20687f1edf913
libexif-debuginfo-0.6.21-1.el5_8.x86_64.rpm     MD5: 93bea12ce0d536758f770f4946a329cc
SHA-256: 3a4ffa2793c622dd89499efd256b5681de393c2a758f4ad2fc5d5146a289b367
 
Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
libexif-0.6.21-5.el6_3.src.rpm     MD5: a0ca161c2af03ed8a19ac6f22cc4aea0
SHA-256: c56db6b2ed8b30aa40f865c8bfa448ce00aa74bb5b84df22722fe55e2d13befc
 
IA-32:
libexif-0.6.21-5.el6_3.i686.rpm     MD5: 612a199c900bc6a529e02e2e52d1a607
SHA-256: a0a5bef2b0ed7881e978665d0f1ebbcb815d1e62d2f986db109d6e73e226ffc6
libexif-debuginfo-0.6.21-5.el6_3.i686.rpm     MD5: f6386013e16bca1b669f1c33ff757a91
SHA-256: e87036fd895a2e7fcc35a2e8b8319fd150eb2217cab746d55827c07423292dd8
libexif-devel-0.6.21-5.el6_3.i686.rpm     MD5: 6ba1a735edda6cf5badbe27b7a694a6b
SHA-256: a0fe2f1cf98e75220d503f350a49e0d7f704de211961c7c8a4eef047bed94644
 
x86_64:
libexif-0.6.21-5.el6_3.i686.rpm     MD5: 612a199c900bc6a529e02e2e52d1a607
SHA-256: a0a5bef2b0ed7881e978665d0f1ebbcb815d1e62d2f986db109d6e73e226ffc6
libexif-0.6.21-5.el6_3.x86_64.rpm     MD5: f6c5c06cf64bf458769612d7ae334c75
SHA-256: df680dc3c77a0d1765e9b6af82c6971e5f9b5ec070682ed030de22c9c7087ccd
libexif-debuginfo-0.6.21-5.el6_3.i686.rpm     MD5: f6386013e16bca1b669f1c33ff757a91
SHA-256: e87036fd895a2e7fcc35a2e8b8319fd150eb2217cab746d55827c07423292dd8
libexif-debuginfo-0.6.21-5.el6_3.x86_64.rpm     MD5: ae388ded53df22b3d690a4709f22d793
SHA-256: 24c662ee6e084f8b5122e2928bd4d8845a10142c035dfc4a6a69e860dae63a4e
libexif-devel-0.6.21-5.el6_3.i686.rpm     MD5: 6ba1a735edda6cf5badbe27b7a694a6b
SHA-256: a0fe2f1cf98e75220d503f350a49e0d7f704de211961c7c8a4eef047bed94644
libexif-devel-0.6.21-5.el6_3.x86_64.rpm     MD5: 9c93df0838c919d960c8a734f7b95cd9
SHA-256: 9f3516cbd6b08d18f35cd3dd419b2def5b74da36c400c0db6834229e76f12d92
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
libexif-0.6.21-5.el6_3.src.rpm     MD5: a0ca161c2af03ed8a19ac6f22cc4aea0
SHA-256: c56db6b2ed8b30aa40f865c8bfa448ce00aa74bb5b84df22722fe55e2d13befc
 
x86_64:
libexif-0.6.21-5.el6_3.i686.rpm     MD5: 612a199c900bc6a529e02e2e52d1a607
SHA-256: a0a5bef2b0ed7881e978665d0f1ebbcb815d1e62d2f986db109d6e73e226ffc6
libexif-0.6.21-5.el6_3.x86_64.rpm     MD5: f6c5c06cf64bf458769612d7ae334c75
SHA-256: df680dc3c77a0d1765e9b6af82c6971e5f9b5ec070682ed030de22c9c7087ccd
libexif-debuginfo-0.6.21-5.el6_3.i686.rpm     MD5: f6386013e16bca1b669f1c33ff757a91
SHA-256: e87036fd895a2e7fcc35a2e8b8319fd150eb2217cab746d55827c07423292dd8
libexif-debuginfo-0.6.21-5.el6_3.x86_64.rpm     MD5: ae388ded53df22b3d690a4709f22d793
SHA-256: 24c662ee6e084f8b5122e2928bd4d8845a10142c035dfc4a6a69e860dae63a4e
libexif-devel-0.6.21-5.el6_3.i686.rpm     MD5: 6ba1a735edda6cf5badbe27b7a694a6b
SHA-256: a0fe2f1cf98e75220d503f350a49e0d7f704de211961c7c8a4eef047bed94644
libexif-devel-0.6.21-5.el6_3.x86_64.rpm     MD5: 9c93df0838c919d960c8a734f7b95cd9
SHA-256: 9f3516cbd6b08d18f35cd3dd419b2def5b74da36c400c0db6834229e76f12d92
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
libexif-0.6.21-5.el6_3.src.rpm     MD5: a0ca161c2af03ed8a19ac6f22cc4aea0
SHA-256: c56db6b2ed8b30aa40f865c8bfa448ce00aa74bb5b84df22722fe55e2d13befc
 
IA-32:
libexif-0.6.21-5.el6_3.i686.rpm     MD5: 612a199c900bc6a529e02e2e52d1a607
SHA-256: a0a5bef2b0ed7881e978665d0f1ebbcb815d1e62d2f986db109d6e73e226ffc6
libexif-debuginfo-0.6.21-5.el6_3.i686.rpm     MD5: f6386013e16bca1b669f1c33ff757a91
SHA-256: e87036fd895a2e7fcc35a2e8b8319fd150eb2217cab746d55827c07423292dd8
libexif-devel-0.6.21-5.el6_3.i686.rpm     MD5: 6ba1a735edda6cf5badbe27b7a694a6b
SHA-256: a0fe2f1cf98e75220d503f350a49e0d7f704de211961c7c8a4eef047bed94644
 
PPC:
libexif-0.6.21-5.el6_3.ppc.rpm     MD5: a8ed1afedd20af7ca14cfd116347a3ea
SHA-256: b3e81fa63949d1a239189397d554599d1aa3790bb6bd0901c93b8a47748b0ea4
libexif-0.6.21-5.el6_3.ppc64.rpm     MD5: 2e32aacdbbce6722aa53a325ed9678aa
SHA-256: 3cd238980829287de0bd5c8503bd814993795e872efc757666164a8555853535
libexif-debuginfo-0.6.21-5.el6_3.ppc.rpm     MD5: eb027030c486dcd7f545071b53eba3d1
SHA-256: bcfa66aeba1218eb13436e8aa96b3227836f3118839f62b98ee4865ef87b29f0
libexif-debuginfo-0.6.21-5.el6_3.ppc64.rpm     MD5: 024cff489328abff8749cc00512398c5
SHA-256: c78e42860b5424788f08ddaf373d9ee8e43791b4cb5232d214d208bc0f7b47e7
libexif-devel-0.6.21-5.el6_3.ppc.rpm     MD5: 95c0c21ee73af99cfe9e723ba237de4c
SHA-256: 97e64d5667a443aa2184fa083313ae54d2cbd5e1e3b095635af689fa7db01708
libexif-devel-0.6.21-5.el6_3.ppc64.rpm     MD5: 37576a85281d55b0a780c6d7b5a3138b
SHA-256: 9e5199ac7d5fc74a103cd9377ee25de0e6a85d5813ef51e9e9d9046094392129
 
s390x:
libexif-0.6.21-5.el6_3.s390.rpm     MD5: ccb5f5b5dc459082525f0e70f5a9200f
SHA-256: 96632d007043b91805a0e7892427b18a3ad22a7b6aea5e6e4e8495b741e1e5c4
libexif-0.6.21-5.el6_3.s390x.rpm     MD5: 6b175f2e07a206de9f9e14353e293b67
SHA-256: 2ac8a6df43f7276bb523026228b239075b66dafe3854cbaeb461c043b4ba3f8d
libexif-debuginfo-0.6.21-5.el6_3.s390.rpm     MD5: 72ab59b613352292909cf12c7cc60460
SHA-256: 043f75d427ceb489d4be3c81237caac38beada4793a09d2d0b130f1139027691
libexif-debuginfo-0.6.21-5.el6_3.s390x.rpm     MD5: 87ffd1c7f713f37f58eb11685f5b817a
SHA-256: 5bf3c67a56b6be2bbac2215599fd2411d036452d1cb37d2e28149afa4d48b9d3
libexif-devel-0.6.21-5.el6_3.s390.rpm     MD5: 2337a3a3da76862529389a8a6b7c509c
SHA-256: 040758aa5e435e0e808a5947252649ce8784b53a0e39afda4c69397ee4119b8c
libexif-devel-0.6.21-5.el6_3.s390x.rpm     MD5: 916962df3f4ccb8b13e0899f38d584f9
SHA-256: 935af6ede7c90126d05f1de04c85c86d08fe52e37305f020e4f7d8a8d6f07ec4
 
x86_64:
libexif-0.6.21-5.el6_3.i686.rpm     MD5: 612a199c900bc6a529e02e2e52d1a607
SHA-256: a0a5bef2b0ed7881e978665d0f1ebbcb815d1e62d2f986db109d6e73e226ffc6
libexif-0.6.21-5.el6_3.x86_64.rpm     MD5: f6c5c06cf64bf458769612d7ae334c75
SHA-256: df680dc3c77a0d1765e9b6af82c6971e5f9b5ec070682ed030de22c9c7087ccd
libexif-debuginfo-0.6.21-5.el6_3.i686.rpm     MD5: f6386013e16bca1b669f1c33ff757a91
SHA-256: e87036fd895a2e7fcc35a2e8b8319fd150eb2217cab746d55827c07423292dd8
libexif-debuginfo-0.6.21-5.el6_3.x86_64.rpm     MD5: ae388ded53df22b3d690a4709f22d793
SHA-256: 24c662ee6e084f8b5122e2928bd4d8845a10142c035dfc4a6a69e860dae63a4e
libexif-devel-0.6.21-5.el6_3.i686.rpm     MD5: 6ba1a735edda6cf5badbe27b7a694a6b
SHA-256: a0fe2f1cf98e75220d503f350a49e0d7f704de211961c7c8a4eef047bed94644
libexif-devel-0.6.21-5.el6_3.x86_64.rpm     MD5: 9c93df0838c919d960c8a734f7b95cd9
SHA-256: 9f3516cbd6b08d18f35cd3dd419b2def5b74da36c400c0db6834229e76f12d92
 
Red Hat Enterprise Linux Server EUS (v. 6.3.z)

SRPMS:
libexif-0.6.21-5.el6_3.src.rpm     MD5: a0ca161c2af03ed8a19ac6f22cc4aea0
SHA-256: c56db6b2ed8b30aa40f865c8bfa448ce00aa74bb5b84df22722fe55e2d13befc
 
IA-32:
libexif-0.6.21-5.el6_3.i686.rpm     MD5: 612a199c900bc6a529e02e2e52d1a607
SHA-256: a0a5bef2b0ed7881e978665d0f1ebbcb815d1e62d2f986db109d6e73e226ffc6
libexif-debuginfo-0.6.21-5.el6_3.i686.rpm     MD5: f6386013e16bca1b669f1c33ff757a91
SHA-256: e87036fd895a2e7fcc35a2e8b8319fd150eb2217cab746d55827c07423292dd8
libexif-devel-0.6.21-5.el6_3.i686.rpm     MD5: 6ba1a735edda6cf5badbe27b7a694a6b
SHA-256: a0fe2f1cf98e75220d503f350a49e0d7f704de211961c7c8a4eef047bed94644
 
PPC:
libexif-0.6.21-5.el6_3.ppc.rpm     MD5: a8ed1afedd20af7ca14cfd116347a3ea
SHA-256: b3e81fa63949d1a239189397d554599d1aa3790bb6bd0901c93b8a47748b0ea4
libexif-0.6.21-5.el6_3.ppc64.rpm     MD5: 2e32aacdbbce6722aa53a325ed9678aa
SHA-256: 3cd238980829287de0bd5c8503bd814993795e872efc757666164a8555853535
libexif-debuginfo-0.6.21-5.el6_3.ppc.rpm     MD5: eb027030c486dcd7f545071b53eba3d1
SHA-256: bcfa66aeba1218eb13436e8aa96b3227836f3118839f62b98ee4865ef87b29f0
libexif-debuginfo-0.6.21-5.el6_3.ppc64.rpm     MD5: 024cff489328abff8749cc00512398c5
SHA-256: c78e42860b5424788f08ddaf373d9ee8e43791b4cb5232d214d208bc0f7b47e7
libexif-devel-0.6.21-5.el6_3.ppc.rpm     MD5: 95c0c21ee73af99cfe9e723ba237de4c
SHA-256: 97e64d5667a443aa2184fa083313ae54d2cbd5e1e3b095635af689fa7db01708
libexif-devel-0.6.21-5.el6_3.ppc64.rpm     MD5: 37576a85281d55b0a780c6d7b5a3138b
SHA-256: 9e5199ac7d5fc74a103cd9377ee25de0e6a85d5813ef51e9e9d9046094392129
 
s390x:
libexif-0.6.21-5.el6_3.s390.rpm     MD5: ccb5f5b5dc459082525f0e70f5a9200f
SHA-256: 96632d007043b91805a0e7892427b18a3ad22a7b6aea5e6e4e8495b741e1e5c4
libexif-0.6.21-5.el6_3.s390x.rpm     MD5: 6b175f2e07a206de9f9e14353e293b67
SHA-256: 2ac8a6df43f7276bb523026228b239075b66dafe3854cbaeb461c043b4ba3f8d
libexif-debuginfo-0.6.21-5.el6_3.s390.rpm     MD5: 72ab59b613352292909cf12c7cc60460
SHA-256: 043f75d427ceb489d4be3c81237caac38beada4793a09d2d0b130f1139027691
libexif-debuginfo-0.6.21-5.el6_3.s390x.rpm     MD5: 87ffd1c7f713f37f58eb11685f5b817a
SHA-256: 5bf3c67a56b6be2bbac2215599fd2411d036452d1cb37d2e28149afa4d48b9d3
libexif-devel-0.6.21-5.el6_3.s390.rpm     MD5: 2337a3a3da76862529389a8a6b7c509c
SHA-256: 040758aa5e435e0e808a5947252649ce8784b53a0e39afda4c69397ee4119b8c
libexif-devel-0.6.21-5.el6_3.s390x.rpm     MD5: 916962df3f4ccb8b13e0899f38d584f9
SHA-256: 935af6ede7c90126d05f1de04c85c86d08fe52e37305f020e4f7d8a8d6f07ec4
 
x86_64:
libexif-0.6.21-5.el6_3.i686.rpm     MD5: 612a199c900bc6a529e02e2e52d1a607
SHA-256: a0a5bef2b0ed7881e978665d0f1ebbcb815d1e62d2f986db109d6e73e226ffc6
libexif-0.6.21-5.el6_3.x86_64.rpm     MD5: f6c5c06cf64bf458769612d7ae334c75
SHA-256: df680dc3c77a0d1765e9b6af82c6971e5f9b5ec070682ed030de22c9c7087ccd
libexif-debuginfo-0.6.21-5.el6_3.i686.rpm     MD5: f6386013e16bca1b669f1c33ff757a91
SHA-256: e87036fd895a2e7fcc35a2e8b8319fd150eb2217cab746d55827c07423292dd8
libexif-debuginfo-0.6.21-5.el6_3.x86_64.rpm     MD5: ae388ded53df22b3d690a4709f22d793
SHA-256: 24c662ee6e084f8b5122e2928bd4d8845a10142c035dfc4a6a69e860dae63a4e
libexif-devel-0.6.21-5.el6_3.i686.rpm     MD5: 6ba1a735edda6cf5badbe27b7a694a6b
SHA-256: a0fe2f1cf98e75220d503f350a49e0d7f704de211961c7c8a4eef047bed94644
libexif-devel-0.6.21-5.el6_3.x86_64.rpm     MD5: 9c93df0838c919d960c8a734f7b95cd9
SHA-256: 9f3516cbd6b08d18f35cd3dd419b2def5b74da36c400c0db6834229e76f12d92
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
libexif-0.6.21-5.el6_3.src.rpm     MD5: a0ca161c2af03ed8a19ac6f22cc4aea0
SHA-256: c56db6b2ed8b30aa40f865c8bfa448ce00aa74bb5b84df22722fe55e2d13befc
 
IA-32:
libexif-0.6.21-5.el6_3.i686.rpm     MD5: 612a199c900bc6a529e02e2e52d1a607
SHA-256: a0a5bef2b0ed7881e978665d0f1ebbcb815d1e62d2f986db109d6e73e226ffc6
libexif-debuginfo-0.6.21-5.el6_3.i686.rpm     MD5: f6386013e16bca1b669f1c33ff757a91
SHA-256: e87036fd895a2e7fcc35a2e8b8319fd150eb2217cab746d55827c07423292dd8
libexif-devel-0.6.21-5.el6_3.i686.rpm     MD5: 6ba1a735edda6cf5badbe27b7a694a6b
SHA-256: a0fe2f1cf98e75220d503f350a49e0d7f704de211961c7c8a4eef047bed94644
 
x86_64:
libexif-0.6.21-5.el6_3.i686.rpm     MD5: 612a199c900bc6a529e02e2e52d1a607
SHA-256: a0a5bef2b0ed7881e978665d0f1ebbcb815d1e62d2f986db109d6e73e226ffc6
libexif-0.6.21-5.el6_3.x86_64.rpm     MD5: f6c5c06cf64bf458769612d7ae334c75
SHA-256: df680dc3c77a0d1765e9b6af82c6971e5f9b5ec070682ed030de22c9c7087ccd
libexif-debuginfo-0.6.21-5.el6_3.i686.rpm     MD5: f6386013e16bca1b669f1c33ff757a91
SHA-256: e87036fd895a2e7fcc35a2e8b8319fd150eb2217cab746d55827c07423292dd8
libexif-debuginfo-0.6.21-5.el6_3.x86_64.rpm     MD5: ae388ded53df22b3d690a4709f22d793
SHA-256: 24c662ee6e084f8b5122e2928bd4d8845a10142c035dfc4a6a69e860dae63a4e
libexif-devel-0.6.21-5.el6_3.i686.rpm     MD5: 6ba1a735edda6cf5badbe27b7a694a6b
SHA-256: a0fe2f1cf98e75220d503f350a49e0d7f704de211961c7c8a4eef047bed94644
libexif-devel-0.6.21-5.el6_3.x86_64.rpm     MD5: 9c93df0838c919d960c8a734f7b95cd9
SHA-256: 9f3516cbd6b08d18f35cd3dd419b2def5b74da36c400c0db6834229e76f12d92
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

839182 - CVE-2012-2813 libexif: "exif_convert_utf16_to_utf8()" heap-based out-of-bounds array read
839183 - CVE-2012-2814 libexif: "exif_entry_format_value()" buffer overflow
839184 - CVE-2012-2836 libexif: "exif_data_load_data()" heap-based out-of-bounds array read
839185 - CVE-2012-2837 libexif: "mnote_olympus_entry_get_value()" division by zero
839188 - CVE-2012-2840 libexif: "exif_convert_utf16_to_utf8()" off-by-one
839189 - CVE-2012-2841 libexif: "exif_entry_get_value()" integer underflow
839203 - CVE-2012-2812 libexif: "exif_entry_get_value()" heap-based out-of-bounds array read


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/