-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                         ESB-2007.0416 -- [RedHat]
                    Moderate: libexif integer overflow
                               15 June 2007

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              libexif
Publisher:            Red Hat
Operating System:     Red Hat Enterprise Linux 5
                      Red Hat Enterprise Linux 4
Impact:               Execute Arbitrary Code/Commands
                      Denial of Service
Access:               Remote/Unauthenticated
CVE Names:            CVE-2007-4168

Ref:                  ESB-2007.0415

Original Bulletin:    https://rhn.redhat.com/errata/RHSA-2007-0501.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Moderate: libexif integer overflow
Advisory ID:       RHSA-2007:0501-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0501.html
Issue date:        2007-06-14
Updated on:        2007-06-14
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2007-4168 
- - ---------------------------------------------------------------------

1. Summary:

Updated libexif packages that fix an integer overflow flaw are now
available for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having moderate security impact by the Red Hat
Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

The libexif package contains the EXIF library. Applications use this
library to parse the EXIF metadata embedded in image files such as JPEG
and TIFF.

An integer overflow flaw was found in the way libexif parses EXIF image
tags. If a victim opens an image containing carefully crafted EXIF data,
an application linked against libexif could crash or execute arbitrary
code with the privileges of the user running that application.
(CVE-2007-4168)

Users of libexif should upgrade to these updated packages, which contain a
backported patch and are not vulnerable to this issue.
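
The bug class named above, as an added illustration that is not libexif's
source and not the patch Red Hat shipped: a TIFF/EXIF IFD entry carries a
16-bit data format and a 32-bit component count, and the entry's byte size
is the per-component size of the format times that count. Computed in
32-bit arithmetic with no check, a crafted count makes the product wrap to
a small value that passes the "does it fit in the file" test and undersizes
the allocation the data is then copied into. The format-size table, the
two sample entries and the 64-byte buffer length are constructed for this
example; the hardened variant shows the check such a parser needs.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Illustrative model of the bug class, not libexif code.            */

/* Per-component byte sizes for TIFF/EXIF data formats 1..12 (index 0 unused). */
static const uint32_t FORMAT_SIZE[] = { 0, 1, 1, 2, 4, 8, 1, 1, 2, 4, 8, 4, 8 };
#define NUM_FORMATS 12u

/* One 12-byte IFD entry: tag, format, component count, inline value or offset. */
typedef struct {
    uint16_t tag;
    uint16_t format;
    uint32_t components;
    uint32_t value_or_offset;
} ifd_entry;

static uint32_t rd16le(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8);
}

static uint32_t rd32le(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Decode a raw little-endian ("II" byte order) IFD entry. */
static void parse_entry(const uint8_t entry[12], ifd_entry *out) {
    out->tag             = (uint16_t)rd16le(entry);
    out->format          = (uint16_t)rd16le(entry + 2);
    out->components      = rd32le(entry + 4);
    out->value_or_offset = rd32le(entry + 8);
}

/* Vulnerable pattern: size = format_size * components in 32-bit arithmetic.
 * The wrapped result is what a naive parser would allocate and bounds-check. */
uint32_t unchecked_size_of(const uint8_t entry[12]) {
    ifd_entry e;
    parse_entry(entry, &e);
    if (e.format < 1 || e.format > NUM_FORMATS)
        return 0;
    return FORMAT_SIZE[e.format] * e.components;   /* may wrap modulo 2^32 */
}

/* Hardened pattern: reject the entry if the component count cannot fit in the
 * data actually present (this also rules out the wrap), then check that
 * out-of-line data (size > 4) lies inside the buffer.
 * Returns the size in bytes, or -1 if the entry is rejected. */
long checked_size_of(const uint8_t entry[12], size_t blob_len) {
    ifd_entry e;
    parse_entry(entry, &e);
    if (e.format < 1 || e.format > NUM_FORMATS)
        return -1;
    uint32_t fs = FORMAT_SIZE[e.format];           /* never 0 for formats 1..12 */
    if (e.components > blob_len / fs)              /* fs * components > blob_len */
        return -1;
    size_t size = (size_t)fs * e.components;       /* <= blob_len, cannot wrap */
    if (size > 4) {                                /* value stored at an offset */
        if (e.value_or_offset > blob_len || size > blob_len - e.value_or_offset)
            return -1;
    }
    return (long)size;
}

/* Constructed sample entries (not taken from any real file). */
/* Tag 0x010e, ASCII (format 2), 6 components, data at offset 30: a normal entry. */
const uint8_t BENIGN_ENTRY[12]  = { 0x0e,0x01, 0x02,0x00, 0x06,0x00,0x00,0x00, 0x1e,0x00,0x00,0x00 };
/* Tag 0x010e, LONG (format 4), 0x40000001 components: 4 * 0x40000001 wraps to 4. */
const uint8_t CRAFTED_ENTRY[12] = { 0x0e,0x01, 0x04,0x00, 0x01,0x00,0x00,0x40, 0x08,0x00,0x00,0x00 };

int main(void) {
    size_t blob_len = 64;   /* pretend the whole EXIF block is 64 bytes long */
    printf("benign : unchecked=%u checked=%ld\n",
           unchecked_size_of(BENIGN_ENTRY), checked_size_of(BENIGN_ENTRY, blob_len));
    printf("crafted: unchecked=%u checked=%ld\n",
           unchecked_size_of(CRAFTED_ENTRY), checked_size_of(CRAFTED_ENTRY, blob_len));
    return 0;
}
```

With a 64-byte buffer the crafted entry yields an unchecked size of 4, so
a parser trusting that value would treat roughly a gigabyte of claimed
components as a 4-byte inline value and size its buffer accordingly; the
checked variant rejects it because 0x40000001 components of 4 bytes cannot
fit in 64 bytes. Dividing the available length by the element size before
multiplying is the idiomatic way to get both the overflow check and the
bounds check from one comparison.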

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  

This update is available via Red Hat Network.  Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Applications that already have the old libexif library loaded keep using
it until they are restarted.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

243888 - CVE-2007-4168 libexif integer overflow

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/libexif-0.5.12-5.1.0.2.src.rpm
cc95784382095e50dbe7635f481aa9cf  libexif-0.5.12-5.1.0.2.src.rpm

i386:
6da6c2967783bcb980aecdc144d6dd02  libexif-0.5.12-5.1.0.2.i386.rpm
4ef568e43b4db35b77c5d55dd6ba3343  libexif-debuginfo-0.5.12-5.1.0.2.i386.rpm
991754de75656c3bb52f65973ff6c26f  libexif-devel-0.5.12-5.1.0.2.i386.rpm

ia64:
6da6c2967783bcb980aecdc144d6dd02  libexif-0.5.12-5.1.0.2.i386.rpm
f68c9026317026b58dd196bfd4af4bbf  libexif-0.5.12-5.1.0.2.ia64.rpm
4ef568e43b4db35b77c5d55dd6ba3343  libexif-debuginfo-0.5.12-5.1.0.2.i386.rpm
11d6259eaff76f0469a0098c8bfe2d85  libexif-debuginfo-0.5.12-5.1.0.2.ia64.rpm
ecfce96bd377840f0cee4de6d2c4d1e8  libexif-devel-0.5.12-5.1.0.2.ia64.rpm

ppc:
fdac438a4a9fd5bd08cc6a44391f23f6  libexif-0.5.12-5.1.0.2.ppc.rpm
af678c093c8adf776902b70fbb3c871e  libexif-0.5.12-5.1.0.2.ppc64.rpm
1d22c89d2bc5225093c422518bff34f1  libexif-debuginfo-0.5.12-5.1.0.2.ppc.rpm
f2d48c3e7a09ae433c77f2a8071d98b5  libexif-debuginfo-0.5.12-5.1.0.2.ppc64.rpm
9ab46f02a84a771fea33d5308b255f40  libexif-devel-0.5.12-5.1.0.2.ppc.rpm

s390:
e9985c79bc041d36f97af618830aace1  libexif-0.5.12-5.1.0.2.s390.rpm
cb1d6ec562f75373948fd0b6334779b2  libexif-debuginfo-0.5.12-5.1.0.2.s390.rpm
8747b11f434c1482c1ed32d024d9965e  libexif-devel-0.5.12-5.1.0.2.s390.rpm

s390x:
e9985c79bc041d36f97af618830aace1  libexif-0.5.12-5.1.0.2.s390.rpm
f5a748f9e3401d7ca637294f0a303e19  libexif-0.5.12-5.1.0.2.s390x.rpm
cb1d6ec562f75373948fd0b6334779b2  libexif-debuginfo-0.5.12-5.1.0.2.s390.rpm
8fd53184708b6fd4673090aaaf6162b1  libexif-debuginfo-0.5.12-5.1.0.2.s390x.rpm
822e8e8f5f5b7bdb47225604cf1d4373  libexif-devel-0.5.12-5.1.0.2.s390x.rpm

x86_64:
6da6c2967783bcb980aecdc144d6dd02  libexif-0.5.12-5.1.0.2.i386.rpm
1734951e779ec59b4bfc3f2e179238d7  libexif-0.5.12-5.1.0.2.x86_64.rpm
4ef568e43b4db35b77c5d55dd6ba3343  libexif-debuginfo-0.5.12-5.1.0.2.i386.rpm
40376173f752db73fcbb5bd44bed94f3  libexif-debuginfo-0.5.12-5.1.0.2.x86_64.rpm
470280d57b9b8a4684f6ae22fce1884d  libexif-devel-0.5.12-5.1.0.2.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/libexif-0.5.12-5.1.0.2.src.rpm
cc95784382095e50dbe7635f481aa9cf  libexif-0.5.12-5.1.0.2.src.rpm

i386:
6da6c2967783bcb980aecdc144d6dd02  libexif-0.5.12-5.1.0.2.i386.rpm
4ef568e43b4db35b77c5d55dd6ba3343  libexif-debuginfo-0.5.12-5.1.0.2.i386.rpm
991754de75656c3bb52f65973ff6c26f  libexif-devel-0.5.12-5.1.0.2.i386.rpm

x86_64:
6da6c2967783bcb980aecdc144d6dd02  libexif-0.5.12-5.1.0.2.i386.rpm
1734951e779ec59b4bfc3f2e179238d7  libexif-0.5.12-5.1.0.2.x86_64.rpm
4ef568e43b4db35b77c5d55dd6ba3343  libexif-debuginfo-0.5.12-5.1.0.2.i386.rpm
40376173f752db73fcbb5bd44bed94f3  libexif-debuginfo-0.5.12-5.1.0.2.x86_64.rpm
470280d57b9b8a4684f6ae22fce1884d  libexif-devel-0.5.12-5.1.0.2.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/libexif-0.5.12-5.1.0.2.src.rpm
cc95784382095e50dbe7635f481aa9cf  libexif-0.5.12-5.1.0.2.src.rpm

i386:
6da6c2967783bcb980aecdc144d6dd02  libexif-0.5.12-5.1.0.2.i386.rpm
4ef568e43b4db35b77c5d55dd6ba3343  libexif-debuginfo-0.5.12-5.1.0.2.i386.rpm
991754de75656c3bb52f65973ff6c26f  libexif-devel-0.5.12-5.1.0.2.i386.rpm

ia64:
6da6c2967783bcb980aecdc144d6dd02  libexif-0.5.12-5.1.0.2.i386.rpm
f68c9026317026b58dd196bfd4af4bbf  libexif-0.5.12-5.1.0.2.ia64.rpm
4ef568e43b4db35b77c5d55dd6ba3343  libexif-debuginfo-0.5.12-5.1.0.2.i386.rpm
11d6259eaff76f0469a0098c8bfe2d85  libexif-debuginfo-0.5.12-5.1.0.2.ia64.rpm
ecfce96bd377840f0cee4de6d2c4d1e8  libexif-devel-0.5.12-5.1.0.2.ia64.rpm

x86_64:
6da6c2967783bcb980aecdc144d6dd02  libexif-0.5.12-5.1.0.2.i386.rpm
1734951e779ec59b4bfc3f2e179238d7  libexif-0.5.12-5.1.0.2.x86_64.rpm
4ef568e43b4db35b77c5d55dd6ba3343  libexif-debuginfo-0.5.12-5.1.0.2.i386.rpm
40376173f752db73fcbb5bd44bed94f3  libexif-debuginfo-0.5.12-5.1.0.2.x86_64.rpm
470280d57b9b8a4684f6ae22fce1884d  libexif-devel-0.5.12-5.1.0.2.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/libexif-0.5.12-5.1.0.2.src.rpm
cc95784382095e50dbe7635f481aa9cf  libexif-0.5.12-5.1.0.2.src.rpm

i386:
6da6c2967783bcb980aecdc144d6dd02  libexif-0.5.12-5.1.0.2.i386.rpm
4ef568e43b4db35b77c5d55dd6ba3343  libexif-debuginfo-0.5.12-5.1.0.2.i386.rpm
991754de75656c3bb52f65973ff6c26f  libexif-devel-0.5.12-5.1.0.2.i386.rpm

ia64:
6da6c2967783bcb980aecdc144d6dd02  libexif-0.5.12-5.1.0.2.i386.rpm
f68c9026317026b58dd196bfd4af4bbf  libexif-0.5.12-5.1.0.2.ia64.rpm
4ef568e43b4db35b77c5d55dd6ba3343  libexif-debuginfo-0.5.12-5.1.0.2.i386.rpm
11d6259eaff76f0469a0098c8bfe2d85  libexif-debuginfo-0.5.12-5.1.0.2.ia64.rpm
ecfce96bd377840f0cee4de6d2c4d1e8  libexif-devel-0.5.12-5.1.0.2.ia64.rpm

x86_64:
6da6c2967783bcb980aecdc144d6dd02  libexif-0.5.12-5.1.0.2.i386.rpm
1734951e779ec59b4bfc3f2e179238d7  libexif-0.5.12-5.1.0.2.x86_64.rpm
4ef568e43b4db35b77c5d55dd6ba3343  libexif-debuginfo-0.5.12-5.1.0.2.i386.rpm
40376173f752db73fcbb5bd44bed94f3  libexif-debuginfo-0.5.12-5.1.0.2.x86_64.rpm
470280d57b9b8a4684f6ae22fce1884d  libexif-devel-0.5.12-5.1.0.2.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/libexif-0.6.13-4.0.2.el5.src.rpm
9c1360d0a15e568b9b73def358e1e216  libexif-0.6.13-4.0.2.el5.src.rpm

i386:
930dedbd73cc50756f08d8da7e69d3cc  libexif-0.6.13-4.0.2.el5.i386.rpm
67b189515a55c0197d5978fc741d40fb  libexif-debuginfo-0.6.13-4.0.2.el5.i386.rpm

x86_64:
930dedbd73cc50756f08d8da7e69d3cc  libexif-0.6.13-4.0.2.el5.i386.rpm
e3130a9e84081d0ee5735e0bf027b186  libexif-0.6.13-4.0.2.el5.x86_64.rpm
67b189515a55c0197d5978fc741d40fb  libexif-debuginfo-0.6.13-4.0.2.el5.i386.rpm
173cf3c2daefe7a78f5f2859803d4778  libexif-debuginfo-0.6.13-4.0.2.el5.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/libexif-0.6.13-4.0.2.el5.src.rpm
9c1360d0a15e568b9b73def358e1e216  libexif-0.6.13-4.0.2.el5.src.rpm

i386:
67b189515a55c0197d5978fc741d40fb  libexif-debuginfo-0.6.13-4.0.2.el5.i386.rpm
6cc73cf44459c921979c87bb72c2423d  libexif-devel-0.6.13-4.0.2.el5.i386.rpm

x86_64:
67b189515a55c0197d5978fc741d40fb  libexif-debuginfo-0.6.13-4.0.2.el5.i386.rpm
173cf3c2daefe7a78f5f2859803d4778  libexif-debuginfo-0.6.13-4.0.2.el5.x86_64.rpm
6cc73cf44459c921979c87bb72c2423d  libexif-devel-0.6.13-4.0.2.el5.i386.rpm
09804ed13ace52a3c98629e882652458  libexif-devel-0.6.13-4.0.2.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/libexif-0.6.13-4.0.2.el5.src.rpm
9c1360d0a15e568b9b73def358e1e216  libexif-0.6.13-4.0.2.el5.src.rpm

i386:
930dedbd73cc50756f08d8da7e69d3cc  libexif-0.6.13-4.0.2.el5.i386.rpm
67b189515a55c0197d5978fc741d40fb  libexif-debuginfo-0.6.13-4.0.2.el5.i386.rpm
6cc73cf44459c921979c87bb72c2423d  libexif-devel-0.6.13-4.0.2.el5.i386.rpm

ia64:
bdd1e73d38fa157910bafa527fbbb9b8  libexif-0.6.13-4.0.2.el5.ia64.rpm
8ed3e35b3368418f65e27a29ab32089c  libexif-debuginfo-0.6.13-4.0.2.el5.ia64.rpm
6c717cfbef081e91678f0077e2990aa2  libexif-devel-0.6.13-4.0.2.el5.ia64.rpm

ppc:
a18174feefe9609197fc1965b10782ef  libexif-0.6.13-4.0.2.el5.ppc.rpm
05756725b5317acf04a044fbb12f10eb  libexif-0.6.13-4.0.2.el5.ppc64.rpm
cd467ec90128a6c417b6edbe51856919  libexif-debuginfo-0.6.13-4.0.2.el5.ppc.rpm
d0665b2a3d51d2370d44fdf79e90d927  libexif-debuginfo-0.6.13-4.0.2.el5.ppc64.rpm
a27203f6f7f67880c890f298a29ef269  libexif-devel-0.6.13-4.0.2.el5.ppc.rpm
f40b87f843489b5015b8325da0aeebe5  libexif-devel-0.6.13-4.0.2.el5.ppc64.rpm

s390x:
79ed6902bce120c38ebac83e374d9b82  libexif-0.6.13-4.0.2.el5.s390.rpm
c2d896aef222c14fae8976b222c3cfbe  libexif-0.6.13-4.0.2.el5.s390x.rpm
70c4cc7f2a088a417242c0eab635f9d8  libexif-debuginfo-0.6.13-4.0.2.el5.s390.rpm
28b288059199d9897659f0fb1e29cf20  libexif-debuginfo-0.6.13-4.0.2.el5.s390x.rpm
1afbb123d879e1a682b21fca1b9231fb  libexif-devel-0.6.13-4.0.2.el5.s390.rpm
fe8041e8b91383a74786a15ab0d8fc17  libexif-devel-0.6.13-4.0.2.el5.s390x.rpm

x86_64:
930dedbd73cc50756f08d8da7e69d3cc  libexif-0.6.13-4.0.2.el5.i386.rpm
e3130a9e84081d0ee5735e0bf027b186  libexif-0.6.13-4.0.2.el5.x86_64.rpm
67b189515a55c0197d5978fc741d40fb  libexif-debuginfo-0.6.13-4.0.2.el5.i386.rpm
173cf3c2daefe7a78f5f2859803d4778  libexif-debuginfo-0.6.13-4.0.2.el5.x86_64.rpm
6cc73cf44459c921979c87bb72c2423d  libexif-devel-0.6.13-4.0.2.el5.i386.rpm
09804ed13ace52a3c98629e882652458  libexif-devel-0.6.13-4.0.2.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

The signature of a downloaded package can be checked with rpm --checksig
before it is installed; the MD5 sums listed above verify the download
itself.

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4168
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFGcYZsXlSAg2UNWIIRAiUeAKCEYAC9HRbt7+RoAQU7cYpmdvm0fQCgoBcg
AIGhqj1Rawghxkj7Hz+XFoU=
=OiK1
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBRnHQPCh9+71yA2DNAQKFmwP7BCRoOKTItoN7TnjPXNlZJ2QPcy8ys97M
SBHKlWOO1o6rEUAWCKQskXP0S3Ojk82ytVMJFZMpRsu8znrN/sJjJkS3/zSmdLyA
TuH9X8rh/zDiy+5jr/0nV/fOROzx9dY0E20PikxyVK9mliNlJeoUnFkLN7G+9e/V
DabrzQgcvVM=
=INAa
-----END PGP SIGNATURE-----