Path: csiph.com!weretis.net!feeder8.news.weretis.net!srl.newsdeef.eu!news.corradoroberto.it!bofh.it!news.nic.it!robomod
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Newsgroups: linux.debian.changes
Subject: Accepted libexif 0.6.25-1+deb13u1 (source) into proposed-updates
Date: Sat, 09 May 2026 10:40:01 +0200
Message-ID: <MSLo5-3ObX-1@gated-at.bofh.it>
X-Mailbox-Line: From debian-changes-request@lists.debian.org  Sat May  9 08:32:16 2026
Old-Return-Path: <envelope@ftp-master.debian.org>
X-Spam-Flag: NO
X-Spam-Score: -107.99
X-Dak: dak process-policy
X-Debian: DAK
X-Debian-Package: libexif
Debian: DAK
Debian-Changes: libexif_0.6.25-1+deb13u1_source.changes
Debian-Source: libexif
Debian-Version: 0.6.25-1+deb13u1
Debian-Architecture: source
Debian-Suite: proposed-updates
Debian-Archive-Action: accept
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="===============6726324204125643194=="
X-Debian-Message: from DAK
Reply-To: debian-devel@lists.debian.org
Mail-Followup-To: debian-devel@lists.debian.org
X-Mailing-List: <debian-changes@lists.debian.org> archive/latest/18336
List-ID: <debian-changes.lists.debian.org>
List-URL: <https://lists.debian.org/debian-changes/>
List-Archive: https://lists.debian.org/msgid-search/E1wLd6U-000000038kW-04SU@fasolo.debian.org
Approved: robomod@news.nic.it
Lines: 86
Organization: linux.* mail to news gateway
Sender: robomod@news.nic.it
X-Original-Date: Sat, 09 May 2026 08:32:06 +0000
X-Original-Message-ID: <E1wLd6U-000000038kW-04SU@fasolo.debian.org>
Xref: csiph.com linux.debian.changes:13717

--===============6726324204125643194==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 17 Apr 2026 07:48:04 -0300
Source: libexif
Architecture: source
Version: 0.6.25-1+deb13u1
Distribution: trixie
Urgency: medium
Maintainer: Debian PhotoTools Maintainers <pkg-phototools-devel@lists.alioth.=
debian.org>
Changed-By: Emmanuel Arias <eamanu@debian.org>
Closes: 1131116 1133922 1133923
Changes:
 libexif (0.6.25-1+deb13u1) trixie; urgency=3Dmedium
 .
   * Team upload.
   * d/patches/CVE-2026-40386.patch Add patch for CVE-2026-40386.
     - An integer underflow in size checking for Fuji and Olympus MakerNote
       decoding could be used by attackers to crash or leak information out
       of libexif-using programs (Closes: #1133923).
   * d/patches/CVE-2026-40385.patch: Add patch for CVE-2026-40385.
     - An unsigned 32bit integer overflow in Nikon MakerNote handling could
       be used by local attackers to cause crashes or information leaks.
       (Closes: #1133922).
   * d/patches/CVE-2026-32775.patch: Add patch for CVE-2026-32775.patch.
     - If the exif_mnote_data_get_value function in MakerNotes gets passed
       in a 0 size, the passed in-buffer would be overwritten due to an
       integer underflow (Closes: #1131116).
Checksums-Sha1:
 43fdb88452e4fc0c7cfb39222cc90bf6cd450331 2127 libexif_0.6.25-1+deb13u1.dsc
 55158cf229aa8bd9809398bfa489844d25bd4567 13744 libexif_0.6.25-1+deb13u1.debi=
an.tar.xz
 c02dc31828a049b9a4931af183bc7385388cb36f 8971 libexif_0.6.25-1+deb13u1_amd64=
.buildinfo
Checksums-Sha256:
 807f8e0e2da5182d824808aa5a22e24c032be58ed951b23539d1c2aebb86b319 2127 libexi=
f_0.6.25-1+deb13u1.dsc
 ad1b1a2555cc911f8e04a601f2edeb4987f71846c6c9e827d52d460ff4a4bccf 13744 libex=
if_0.6.25-1+deb13u1.debian.tar.xz
 53d834624afa536057ae1d14645b1cd426220aab32a0c3fb7c515ae0d014d18e 8971 libexi=
f_0.6.25-1+deb13u1_amd64.buildinfo
Files:
 f1f8f65f9d33f869baa974f61e849d41 2127 libs optional libexif_0.6.25-1+deb13u1=
.dsc
 a7a8b3422ab1bee54f1afc4cecd04f45 13744 libs optional libexif_0.6.25-1+deb13u=
1.debian.tar.xz
 64c8872e4342a79e7ea1a525a4223134 8971 libs optional libexif_0.6.25-1+deb13u1=
_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJGBAEBCgAwFiEEE3lnVbvHK7ir4q61+p3sXeEcY/EFAmn+W6ESHGVhbWFudUBk
ZWJpYW4ub3JnAAoJEPqd7F3hHGPxMYEP/iJUaHbpYFcS7WvFo3queQznJlX2IUCM
oXCMjkjHdAU/VhWZ35ADsm1qv+MkTkTi5VyJUCIfd11afHOSytVLrUuev1ErohZR
R4igtUNxDJ3Xa5ZhZuACniaqneYQsnUYMHIVp8Xd6wDTwIRe6XU3XgvAP9SpMi5d
L7tyrY2QlZOIhzdtk7yfgVuLVKZ+h8LJ6EEdoGzAUP8e7m8j7ENxAcK4ssoDCbno
BlYNLV1HzgfPq6EhK1IDs/wDrx5EeGMr8WNT3FmVaz0h9zIsCAuOpyj7BNlfUFx0
Me/eR6r6Dk2chaNOzMvbCqh1pwQjAep2rzHeZENuZuNOtz855/MR2olSXdImkG/i
q+V2HzmKwSBtFgBGbBkPp2WtcPyZZgL9rDk0Kjzo0+agQNl3NE2WYcXFPA/H4lLW
yx+/aLpVMCX/SZTO+FIyjz5uQIZE0x+uCbHMKTqAnaazdBNheQm6ZxNenQI9qC/t
MlxIkHDFm+mNEO1GplFQDwRPEQmQ0ztLJ6hGUgD8YgflJAIFiwdNoXhnn1pseZAi
domQT7krudFfBRGiR9e1imvCiuVQ8ouWckg9njGY8nqAZFpDp3fVBEYzYa9akhoC
UBcrxlEA/tkrWQJxEeJtOdR9WcRSbekLaoWhHMTsdTBetv+McE48ysXKZ+yupCdI
M9pcDOtpOyHs
=3DdQCP
-----END PGP SIGNATURE-----


--===============6726324204125643194==
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----

iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCaf7xBQAKCRCb9qggYcy5
Ie5BAP9ya1enQWpoXvx/FtjW4Mg+z35ViGQnFcFnl91PudI/EgEAthinZH03C6Z+
hZzZ6/xqifmS4jiYQUZmB6JljHcKoQI=
=wWkn
-----END PGP SIGNATURE-----

--===============6726324204125643194==--