Package: exiv2
Severity: grave
Tags: patch security

Hi,
an integer overflow was reported in exiv2's EXIF parsing
code which results in a heap-based buffer overflow.
This is CVE-2007-6353; please include the CVE id in your
changelog if you fix the bug.

Because our stable security team is not able to share 
information and work together with the testing security team 
I can unfortunately just forward you to the bug trackers of 
other distributions.

Please see:
https://bugzilla.redhat.com/show_bug.cgi?id=425921
https://bugs.gentoo.org/show_bug.cgi?id=202351

They also include a patch for the issue.
Kind regards
Nico
-- 
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
