https://sourceforge.net/p/libexif/news/2020-08-31T20:29:07.432000ZRecent posts to news2020-08-31T20:29:07.432000Z2020-08-31T20:29:07.432000ZDan Fandrichhttps://sourceforge.net/u/dfandrich/https://sourceforge.nete6d4f5c0542daacf17660e4d1ed7efc3a431c239

<div class="markdown_content"><p>The libexif project has moved to <a class="" href="https://github.com/libexif/" rel="nofollow">Github</a>.</p></div>

2013-03-07T21:58:10Z2013-03-07T21:58:10ZLutz Müllerhttps://sourceforge.net/u/lutz/https://sourceforge.net1d99fc1c050ff11d5c410528e6abeaef90c5ba35

<div class="markdown_content"><p>The first release in a very long time, this one supports GTK+2 and GTK+3, is supplied with more translations, and fixes a few serious bugs. </p></div>

2012-07-12T21:20:25Z2012-07-12T21:20:25ZLutz Müllerhttps://sourceforge.net/u/lutz/https://sourceforge.net3eefd735c7c71dc6fa5af886af6164c2e944e1e8

<div class="markdown_content"><p>This is an abbreviated advisory. See <a href="http://sourceforge.net/mailarchive/message.php?msg_id=29534027">http://sourceforge.net/mailarchive/message.php?msg_id=29534027</a> for more details.</p> <p>PROBLEM DESCRIPTION</p> <p>A number of remotely exploitable issues were discovered in libexif and exif, with effects ranging from information leakage to potential remote code execution. </p> <p>There are no known public exploits of these issues.</p> <p>AFFECTED VERSIONS</p> <p>All of the described vulnerabilities affect libexif version 0.6.20, and most affect earlier versions as well.</p> <p>SOLUTION</p> <p>Upgrade to version 0.6.21 which is not vulnerable to these issues.</p> <p>ACKNOWLEDGEMENTS</p> <p>Mateusz Jurczyk of Google Security Team reported the issues CVE-2012-2812, CVE-2012-2813 and CVE-2012-2814. Yunho Kim reported the issues CVE-2012-2836 and CVE-2012-2837. Dan Fandrich discovered the issues CVE-2012-2840, CVE-2012-2841 and CVE-2012-2845.</p> <p>REFERENCES</p> <p><a href="http://libexif.sf.net">http://libexif.sf.net</a></p></div>

2012-07-12T21:16:49Z2012-07-12T21:16:49ZLutz Müllerhttps://sourceforge.net/u/lutz/https://sourceforge.net0b1b6aaddc6ded6c814a3bb67e31635c76ba8b90

<div class="markdown_content"><p>This is a security release that fixes a number of security and stability issues due to buffer overflows, bad pointer dereferences and division-by-zero. It also includes many updated translations and translations for two new locales: en_AU and uk.</p></div>

2010-12-16T07:42:09Z2010-12-16T07:42:09ZLutz Müllerhttps://sourceforge.net/u/lutz/https://sourceforge.net1b1a0936b947b5b3b66393683e4ee007e9166e68

<div class="markdown_content"><p>This release adds more flexibility to the existing exif options and fixes a crash when given bad command-line input. A few libexif bugs are squashed and rational values are now shown with appropriate precision. New translations are added for the bs, ro, &amp; tr locales.</p></div>

2009-11-13T07:36:22Z2009-11-13T07:36:22ZLutz Müllerhttps://sourceforge.net/u/lutz/https://sourceforge.neta5f1ee37b684e508702809682867ec606ff7b7ba

<div class="markdown_content"><p>PROBLEM DESCRIPTION</p> <p>A flaw in libexif was discovered that causes a heap buffer to overflow when certain invalid EXIF images are processed. The flaw occurs in the tag fixup routine which attempts to convert in place an array of 8-bit integers into 16-bit integers. This fixup is performed by default after reading an image and until version 0.6.18 there was no easy way to disable it, so it is likely that nearly all applications using libexif to read images are vulnerable.</p> <p>AFFECTED VERSIONS</p> <p>Only libexif version 0.6.18 is affected by this flaw. Version 0.6.17 and previous and 0.6.19 and later are not affected.</p> <p>SOLUTION</p> <p>Upgrade to version 0.6.19.</p> <p>REFERENCES</p> <p><a href="http://libexif.sf.net">http://libexif.sf.net</a></p></div>

2009-11-13T07:06:00Z2009-11-13T07:06:00ZLutz Müllerhttps://sourceforge.net/u/lutz/https://sourceforge.net2ed9d6e4e198fe62f374cfa7b51cdf522149f028

<div class="markdown_content"><p>This release fixes a security vulnerability found in libexif 0.6.18, plus manages to squeeze in a substantial performance improvement. Also included are new translations for be, en_GB, it, ja, pt, sq and zh_CN locales.</p></div>

2009-10-10T08:34:49Z2009-10-10T08:34:49ZLutz Müllerhttps://sourceforge.net/u/lutz/https://sourceforge.netdbe1ed319b4dd903433918ff291575b1a7a1b39e

<div class="markdown_content"><p>This release's highlights include greatly expanded API documentation and sample programs, improved support for Pentax, Casio and Epson MakerNotes, increased stability in the face of corrupted JPEG files, and proper output alignment in UTF-8 locales. EXIF tag fixup is now more eager in the default case, which means that more mandatory tags are added when needed and others automatically corrected to be of the proper data types. New translations for da, is, it, lv, pt_BR and sr locales are also included.</p> <p>Read more in the NEWS file included in each release archive.</p></div>

2002-02-11T10:17:15Z2002-02-11T10:17:15ZLutz Müllerhttps://sourceforge.net/u/lutz/https://sourceforge.net3c74f52d4529bab20f4882da02dc0a2e6eba6d01

<div class="markdown_content"><p>Hi everybody!</p> <p>If you are looking for an EXIF library that is well-designed, written in C, supports loading, editing (!) and saving (!), and supports internationalization by design, libexif is what you are looking for. </p> <p>I still need help regarding manufacturer-specific tags. I imagine this library to be used in various programs (both with GUI and command-line tools), thus reducing the need for reinventing the wheel. If you already have an EXIF implementation, please look into contributing to this library and using it instead of your own implementation.</p> <p>Have fun!</p> <p>Lutz</p></div>

2000-10-25T00:13:00Z2000-10-25T00:13:00ZLutz Müllerhttps://sourceforge.net/u/lutz/https://sourceforge.net204d40531bc5a8bfb509608a2e85611d51c2f96e

<div class="markdown_content"><p>There is now code for an AOLserver loadable module in the 'aolserver' directory.</p></div>