Bug 426001

Summary: CVE-2007-6353 exiv2: integer overflow in EXIF parsing [EPEL-4]
Product: [Fedora] Fedora EPEL Reporter: Rex Dieter <rdieter>
Component: exiv2Assignee: Rex Dieter <rdieter>
Status: CLOSED CURRENTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: el4Keywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
URL: http://fedoraproject.org/wiki/Security/TrackingBugs
Whiteboard:
Fixed In Version: exiv2-0.15-5 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-02-18 14:51:00 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 425921    

Description Rex Dieter 2007-12-17 17:58:11 UTC 
+++ This bug was initially created as a clone of Bug #425993 +++

This is an automatically created tracking bug!

It was created to ensure that one or more security vulnerabilities are fixed in
all affected releases. You should not refer to it anywhere except in the update
system as it is a private "Fedora Project Contributors" bug. The update system
should close this bug it once the update is pushed.

For comments that are specific to a vulnerability please use bugs filed against
"Security Response" product referenced in "Blocks" field.

	bug #425921: CVE-2007-6353 exiv2: integer overflow in EXIF parsing

When creating an update for the version this this bug is reported against please
include the bug IDs of respective bugs filed against "Security Response" product
as well as of this bug. Please note that the update announcement will (and
should) contain only references to "Security Response" bugs as long as the
tracking bug is restricted to "Fedora Project Contributors".

For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs

-- Additional comment from rdieter.edu on 2007-12-17 12:08 EST --
ew, not sure if I cloned that right, this one doesn't seem to have any
restriction checkboxes like the others (see bug #425922)