- Update from version 0.6.22 to 0.6.24
- Update of rootfile not required
- source file no longer provided in xz format - changed to bz2
- Changelog (Two CVE's fixed in 0.6.23)
libexif-0.6.24 (2021-11-25):
* Translation updates: sr, vi, pl, uk, french
* fixed regression in exif_data_load_data which could not load EXIF in JPEG data anymore
* Decode lots of Canon tag names
* removed empty strings from translation (empty string would translate to the PO info header)
* various warning removals and code improvements
* added sample "persistent" afl fuzzer (100x faster than normal afl fuzzer)
libexif-0.6.23 (2021-09-12):
* Translation updates: es, pl, uk, fr
* EXIF_TAG_SENSITIVITY_TYPE decoder added, added some more Exif 2.3 tags:
- EXIF_TAG_STANDARD_OUTPUT_SENSITIVITY
- EXIF_TAG_RECOMMENDED_EXPOSURE_INDEX
- EXIF_TAG_ISO_SPEED
- EXIF_TAG_ISO_SPEEDLatitudeYYY
- EXIF_TAG_ISO_SPEEDLatitudeZZZ
- EXIF_TAG_OFFSET_TIME
- EXIF_TAG_OFFSET_TIME_ORIGINAL
- EXIF_TAG_OFFSET_TIME_DIGITIZED
- EXIF_TAG_IMAGE_DEPTH
* be more relaxed to out of order JPG / EXIF dataheaders in files generated by some tools
* default GPS IFD table added
* Decode more Nikon Makernote tag names
* Added Apple iOS Makernote
* Security fixes:
* CVE-2020-0198: unsigned integer overflow in exif_data_load_data_content
* CVE-2020-0452: compiler optimization could remove an a
bufferoverflow check, making a buffer overflow possible with some
EXIF tags
* some more denial of service (compute time or stack exhaustion) counter-measures
added that avoid minutes of decoding time with malformed files found
by OSS-Fuzz
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>