LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

SUSE alert SUSE-SU-2012:0902-1 (libexif)



From:
    	      opensuse-security@opensuse.org 


To:
    	      opensuse-security-announce@opensuse.org 


Subject:
    	      [security-announce] SUSE-SU-2012:0902-1: important: Security update for libexif 


Date:
    	      Mon, 23 Jul 2012 19:08:42 +0200 (CEST)


Message-ID:
    	      <20120723170842.2CF3C32879@maintenance.suse.de>


Archive-link:
    	      Article, Thread
              


   SUSE Security Update: Security update for libexif
______________________________________________________________________________

Announcement ID:    SUSE-SU-2012:0902-1
Rating:             important
References:         #771229 
Cross-References:   CVE-2012-2812 CVE-2012-2814 CVE-2012-2836
                    CVE-2012-2837 CVE-2012-2841
Affected Products:
                    SUSE Linux Enterprise Server 10 SP4
                    SUSE Linux Enterprise Desktop 10 SP4
______________________________________________________________________________

   An update that fixes 5 vulnerabilities is now available.

Description:


   Various overflows and other security related bugs in
   libexif were found by  the Google Security team and fixed
   by the libexif developers.

   Security Issue references:

   * CVE-2012-2812
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2812
   >
   * CVE-2012-2814
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2814
   >
   * CVE-2012-2836
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2836
   >
   * CVE-2012-2837
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2837
   >
   * CVE-2012-2841
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2841
   >



Package List:

   - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):

      libexif-0.6.13-20.14.1

   - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64):

      libexif-32bit-0.6.13-20.14.1

   - SUSE Linux Enterprise Server 10 SP4 (ia64):

      libexif-x86-0.6.13-20.14.1

   - SUSE Linux Enterprise Server 10 SP4 (ppc):

      libexif-64bit-0.6.13-20.14.1

   - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):

      libexif-0.6.13-20.14.1

   - SUSE Linux Enterprise Desktop 10 SP4 (x86_64):

      libexif-32bit-0.6.13-20.14.1


References:

   http://support.novell.com/security/cve/CVE-2012-2812.html
   http://support.novell.com/security/cve/CVE-2012-2814.html
   http://support.novell.com/security/cve/CVE-2012-2836.html
   http://support.novell.com/security/cve/CVE-2012-2837.html
   http://support.novell.com/security/cve/CVE-2012-2841.html
   https://bugzilla.novell.com/771229
   http://download.novell.com/patch/finder/?keywords=9eed174...

-- 
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds