-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 17 Apr 2026 07:48:04 -0300 Source: libexif Binary: libexif-dev libexif12 libexif12-dbgsym Architecture: i386 Version: 0.6.25-1+deb13u1 Distribution: trixie Urgency: medium Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) Changed-By: Emmanuel Arias Description: libexif-dev - library to parse EXIF files (development files) libexif12 - library to parse EXIF files Closes: 1131116 1133922 1133923 Changes: libexif (0.6.25-1+deb13u1) trixie; urgency=medium . * Team upload. * d/patches/CVE-2026-40386.patch Add patch for CVE-2026-40386. - An integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs (Closes: #1133923). * d/patches/CVE-2026-40385.patch: Add patch for CVE-2026-40385. - An unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. (Closes: #1133922). * d/patches/CVE-2026-32775.patch: Add patch for CVE-2026-32775.patch. - If the exif_mnote_data_get_value function in MakerNotes gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow (Closes: #1131116). Checksums-Sha1: 8e58ac754ffd00e2e7b807d4dd8bcaf7fd88ddaa 104056 libexif-dev_0.6.25-1+deb13u1_i386.deb e9fff2e182e1d8bd265472c6db249e5312dcac6f 115632 libexif12-dbgsym_0.6.25-1+deb13u1_i386.deb c70375a59a9a87c5d2b3f282ba416524bf76440e 418684 libexif12_0.6.25-1+deb13u1_i386.deb 1e816d5851e53778bc276d8fa17a214f074c9491 8278 libexif_0.6.25-1+deb13u1_i386-buildd.buildinfo Checksums-Sha256: 1c177991509bd01d5f7041497289563ccbed84bca3d621bae4be8d6ed6e70e60 104056 libexif-dev_0.6.25-1+deb13u1_i386.deb f93b6f0a40ec47ec3fa37211c8cc17921ebb37dbf565e398673a9de8ccd9262a 115632 libexif12-dbgsym_0.6.25-1+deb13u1_i386.deb c4e7fd1cf00d21f11a3864b97ac89b1482a36eb3ea954e9695005c1b80c3a136 418684 libexif12_0.6.25-1+deb13u1_i386.deb a6fffad319391f93999ff6cc83da9e63a03a276c54f60aa3a713595e91a5b66c 8278 libexif_0.6.25-1+deb13u1_i386-buildd.buildinfo Files: 87a928645b73c3903b3563d559668ed0 104056 libdevel optional libexif-dev_0.6.25-1+deb13u1_i386.deb 131b24ba3e5429e3db38c55340cdc462 115632 debug optional libexif12-dbgsym_0.6.25-1+deb13u1_i386.deb d846d1bb40405eb6481dbae0948a31f0 418684 libs optional libexif12_0.6.25-1+deb13u1_i386.deb e25cbbf772116237a217770ca6848600 8278 libs optional libexif_0.6.25-1+deb13u1_i386-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE7cQ9mRD4+dWjjrb6PkCWRKsh20cFAmn/JbkACgkQPkCWRKsh 20fc7w//TxQJUyy1pgvv+iEqvfwzXCdSMg7YewyK1YQi6fU+F1yo/1zygJ4knr2g iRo2yia2QtIJbjAqtQNkpAfyBjtmVp65vVsxc8KtXXQdGy64ZsT28su4r6JSoRhZ HQuqvfL4FWh6b1K22cOO/EFq1M9Nwrct0S7/fhpJ35asPuCCV3uT9sZmS5dwiPeO ltxN5FVgUuUfijgl3u+lEnEAQdES/789jfI7GClzGQvvrgA4BytBgCSj7Rjg5A4X 8qHxPulnjS0M73NNHcnlIOgTKqgPEGdWfYV2MOyNMSI92vEcqXi3Btjhok0lc/ht M6GTmlQF4sikfXXHqJAY6UaVxwyCPvLUt4vuVutDvc5ryhLbgu6Wm/uIqQftrYGU kMw6IV9RKeZ72ykfiA1pMLgKdHk3FJ9BUFvPkFOHccY1ZB6DpCuxDIRdvfJ1zo6H hlgeIvvbrybNXJEFCF/XEqgxqAJItVC6CgMdzBixpUhC5TxynlNLbGHqC1kFFZXe iez68JnOxG2i4lDQkrTu05hS6I1MfX8zdv5Pg52BSEWB6AGUUzKlCT8WR6twlwhq 45uHWUh/fLc4EIJRrPYplCqg+jg/GXeWE3WkBvJhDnUkgS48mDfGGFWljHDAeKNo 59VgXc0KJyD+W98Olg1u9w8bZVYUI3ND2lWsCT3GF2dyjra/QQ8= =BJts -----END PGP SIGNATURE-----