-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 20 Apr 2026 07:42:42 -0300 Source: libexif Binary: libexif-dev libexif12 libexif12-dbgsym Architecture: i386 Version: 0.6.24-1+deb12u1 Distribution: bookworm Urgency: medium Maintainer: amd64 / i386 Build Daemon (x86-ubc-01) Changed-By: Emmanuel Arias Description: libexif-dev - library to parse EXIF files (development files) libexif12 - library to parse EXIF files Closes: 1131116 1133922 1133923 Changes: libexif (0.6.24-1+deb12u1) bookworm; urgency=medium . * Team upload. * d/patches/CVE-2026-40386.patch Add patch for CVE-2026-40386. - An integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs (Closes: #1133923). * d/patches/CVE-2026-40385.patch: Add patch for CVE-2026-40385. - An unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. (Closes: #1133922). * d/patches/CVE-2026-32775.patch: Add patch for CVE-2026-32775.patch. - If the exif_mnote_data_get_value function in MakerNotes gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow (Closes: #1131116). Checksums-Sha1: 911554e6d104b4aee051da01066dd2ce5b67bf44 106484 libexif-dev_0.6.24-1+deb12u1_i386.deb 2bb576a327c76acc3c6520b678326945ca4c5887 119700 libexif12-dbgsym_0.6.24-1+deb12u1_i386.deb 6634730b21adb611b914712fcd1cdc6cd96e97fd 394108 libexif12_0.6.24-1+deb12u1_i386.deb 289a18a229b6380697580c4de0a01275aa301d43 8627 libexif_0.6.24-1+deb12u1_i386-buildd.buildinfo Checksums-Sha256: 03838126c556df5ef13a76c9d7a41f89d6bb5f211e6cf9fb36f4e0ab3b7b64a5 106484 libexif-dev_0.6.24-1+deb12u1_i386.deb 815882a3172a473059ec4a54aab4ee6c8b92e7eeaa5962471edacaadfd3b391b 119700 libexif12-dbgsym_0.6.24-1+deb12u1_i386.deb 6906595caf1df219b2578fc494768ad39d06229c60d8a980cfd0795b7d7e96e5 394108 libexif12_0.6.24-1+deb12u1_i386.deb 1e3a23eb2d6d840b6adca42c1cdf09d4c4c3b3aae002819543ff11d804b76ff4 8627 libexif_0.6.24-1+deb12u1_i386-buildd.buildinfo Files: 213f9cea62353b3b9939a5732814c1e2 106484 libdevel optional libexif-dev_0.6.24-1+deb12u1_i386.deb d431549604cc690e66b2c5a1b4f1b381 119700 debug optional libexif12-dbgsym_0.6.24-1+deb12u1_i386.deb fad897f8357765746844ba5d914e8466 394108 libs optional libexif12_0.6.24-1+deb12u1_i386.deb cd5ef664c9de5ea6365b60dadd9bbfdc 8627 libs optional libexif_0.6.24-1+deb12u1_i386-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEmtr4KUMaso2EQ6NrTwt/65ON6zcFAmn/FYsACgkQTwt/65ON 6ze7/BAAqyMKYOXRtCFz73k4mCnsaGdwWMchbQ2PzzBROahhSVe9aTjqmrNGOYHS QlXoYykW4I6y9WE7pK9BNH2uZk1gwfgkhKTsKg9hVKTmm7rXf1htE6dQ58TJAvg8 K+iQJOxVA9CcBakL0S0QCTAv6nRwvRl17o/ng+Lk8VWPlVPKCl8NaobM4EPRSgkg ZN7cD/gr/UiIWbQ7dgAkxxvHSWbnbEkamwtO0usjMhbrNLM/iSuA+4Sq37h4brw0 CEepSfcDL5JGkn5vy3JlG2IGyfTy1F8ahBeiEB8ss5LfeikI9A/bQNJT943WrlOC vXMlfdTOXHH4gmIs5nmFhABZHibOmOYETXlnqoUTp+FzDrIXEc3xuQOokQ65mW9X lSHT0T/LwVwFlLZaS76kjcR7wGLRyR8hhc7pq4xT74VXKDdX+WdGzF3Y8rFTxxCj Wv0Pqm9iWXPCNffDYfiwKXVM9zZ5r0nQM8TuIq2LMlCg6iljoVCaQmOchcbXAX7i 7Ab/F9Pnk0eQVbqA+Kbhw7t+vVzRSYB95NcusaJWbKXPVejloBIN3N3CfnUplzne D8HYgATIDajm9lQef93fnGnj30q+BxXmNPYgMHqLB2BMweBtqx6ohaUpXRUKA8DD yUI4KyjEw33hYT6kRvaj452wN4MMkcbt9X0SA4PbUfya8Di8giw= =oQHr -----END PGP SIGNATURE-----