(RHSA-2005:300) libexif security update

2005-03-21T05:00:00
ID RHSA-2005:300
Type redhat
Reporter RedHat
Modified 2017-09-08T12:19:26

Description

The libexif package contains the EXIF library. Applications use this library to parse EXIF image files.

A bug was found in the way libexif parses EXIF tags. An attacker could create a carefully crafted EXIF image file which could cause image viewers linked against libexif to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0664 to this issue.

Users of libexif should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue.