Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for exiv2 some time ago.
CVE-2008-2696: | Exiv2 0.16 allows user-assisted remote attackers to cause a denial of | service (divide-by-zero and application crash) via a zero value in | Nikon lens information in the metadata of an image, related to "pretty | printing" and the RationalValue::toLong function. Unfortunately the vulnerability described above is not important enough to get it fixed via regular security update in Debian stable. It does not warrant a DSA. However it would be nice if this could get fixed via a regular point update. Please contact the release team for this. This is Debian bug #486328. A patch can be found on: http://dev.robotbattle.com/cgi-bin/viewvc.cgi/exiv2/trunk/src/nikonmn.cpp?r1=1473&r2=1499 This is an automatically generated mail, in case you are already working on an upgrade this is of course pointless. For further information:  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2696  http://www.debian.org/doc/developers-reference/ch-pkgs.en.html#s-upload-stable Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
Description: PGP signature
_______________________________________________ pkg-kde-extras mailing list email@example.com http://lists.alioth.debian.org/mailman/listinfo/pkg-kde-extras