Bug#969027: marked as done (ITA: jhead -- manipulate the non-image part of Exif compliant JPEG files)
Your message dated Mon, 31 May 2021 18:33:36 +0000
with message-id <E1lnmjI-0007Pn-9Q@fasolo.debian.org>
and subject line Bug#969027: fixed in jhead 1:3.06.0.1-1
has caused the Debian Bug report #969027,
regarding ITA: jhead -- manipulate the non-image part of Exif compliant JPEG files
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
969027: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969027
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: O: jhead -- manipulate the non-image part of Exif compliant JPEG files
- From: Ludovic Rousseau <rousseau@debian.org>
- Date: Wed, 26 Aug 2020 11:23:05 +0200
- Message-id: <159843378547.10273.2008085358746308392.reportbug@debian.apdu.fr>
Package: wnpp
Severity: normal
I intend to orphan the jhead package.
jhead is an EXIF parser and has MANY problems with the parser. It works
fine in normal cases. But the parser has NO defencive check so it is
very easy to make it crash or exploit buffer overflows.
- The upstream maintainer is not reactive.
- I do not use this package any more.
- I do not have time and energy to fix myself the crashes and possibly
security issues.
The package description is:
jhead is a command line driven utility for extracting digital camera settings
from the Exif format files used by many digital cameras. It handles the
various confusing ways these can be expressed, and displays them as F-stop,
shutter speed, etc. It is also able to reduce the size of digital camera JPEGs
without loss of information, by deleting integral thumbnails that digital
cameras put into the Exif header.
--- End Message ---
--- Begin Message ---
Source: jhead
Source-Version: 1:3.06.0.1-1
Done: Joachim Reichel <reichel@debian.org>
We believe that the bug you reported is fixed in the latest version of
jhead, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 969027@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Joachim Reichel <reichel@debian.org> (supplier of updated jhead package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 30 May 2021 14:21:52 +0200
Source: jhead
Architecture: source
Version: 1:3.06.0.1-1
Distribution: experimental
Urgency: medium
Maintainer: Joachim Reichel <reichel@debian.org>
Changed-By: Joachim Reichel <reichel@debian.org>
Closes: 969027
Changes:
jhead (1:3.06.0.1-1) experimental; urgency=medium
.
* New upstream release.
- Removed patches allocate-extra.patch, cve-2021-3496.patch, and
invalid-IPTC-lengths.patch (applied upstream).
- Removed patch 01_gpsinfo.c (fixed upstream in a different way).
* New maintainer (Closes: #969027).
* Use debhelper compat version 13 (no changes needed).
* Update Standards-Version to 4.5.1 (no changes needed).
* Add patch fix_parallel_build.
* Install changes.txt as changelog.gz.
* Install usage.html, convert from WINDOWS-1252 (guess) to UTF8 on the fly.
* Convert debian/copyright to machine-readable format (DEP5).
* Remove "Depends: libjpeg-turbo-progs" (not necessary).
* Update debian/watch after move to github.
Checksums-Sha1:
45de67dcf7f2df1d1dde05dbc0e1fb906a880e0a 1825 jhead_3.06.0.1-1.dsc
a964198d25cceb77f079a9eb07da639df99b2f3c 1144608 jhead_3.06.0.1.orig.tar.gz
43a0d78181ddf85939c0900228aadd0b8413f73b 6984 jhead_3.06.0.1-1.debian.tar.xz
2ce367f50713e29555fb7c8472460246acabb6ba 6062 jhead_3.06.0.1-1_amd64.buildinfo
Checksums-Sha256:
70f725420e7c119cfd1b4b5da02be6645a01c0f18b59d1106ed68983afe2536b 1825 jhead_3.06.0.1-1.dsc
5c5258c3d7a840bf831e22174e4a24cb1de3baf442f7cb73d5ab31b4ae0b0058 1144608 jhead_3.06.0.1.orig.tar.gz
e7e4bf63894f7268e1966403d8c9ed350a796b73584bc187b78fc412c9852f7d 6984 jhead_3.06.0.1-1.debian.tar.xz
ef624afa2d8040191aa9068a345a6c9a7f2f3563cc9af93543bb41e7ac4b379f 6062 jhead_3.06.0.1-1_amd64.buildinfo
Files:
a083cf2cc2b091f52e0af57e936701e8 1825 graphics optional jhead_3.06.0.1-1.dsc
649538af0ceebdaaed6eb5b87cb43bf0 1144608 graphics optional jhead_3.06.0.1.orig.tar.gz
6a9013630082af560f02e769a47b2522 6984 graphics optional jhead_3.06.0.1-1.debian.tar.xz
2a70abe3c59a505f1c3ee69e39c5870c 6062 graphics optional jhead_3.06.0.1-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEErX6NzLwwsr4xjsEVuPr/HEOIZ3EFAmC1JhMACgkQuPr/HEOI
Z3GL+g//QpYmVXj9Npn8crcUsrjyNYYG3lC2nR4/1MFfGr5Ln4aK3HVlqZ8RvLPW
qpKBOSEMwYi6Z6A68+unQdYfZhZYiOU2jR1v0PszGa5zDuz4qSORQfqgxsJTYWmQ
UlC3u/pcJz9rXPV3YIfxS0MCZRM1jdxEOenyxXNc1JVAysleOjnQBivGobH0IASQ
INwFEJyWuNdxUh404c3uoWyAOc1cLzM1UjF/urfau71RygkR0hviUVf2VrdXQnbD
lTn/isOviswz3yrXsBLrTNdhagWUr26U0EYVtkE4/h2t39sPd0+X+L+TDIxzIthw
ZI3cdI7BFpc8ReQwmIxQ9v1T40itZM0ajaRmEmVlfbp76SYq/2B3JURXfwQykrkS
sDwDXfYOcWI1x30e2QsospAlv9i3OTqhaFQPGqLuhk/R8/G8aNM+II7HhYbMaF3B
R3Veq9fwHl3r+t8QSeVi+OFt7WUxkbDk16/DDDv/Szsww+Xc0ZVEuttFI6QTh7uP
vbGVCENQzh96OoW3cpcMJOQLSN9ZpjzPf00zw78R7MqGhlMcueUo+5QqZdKNqzUk
LUhxmdsXQcsG+WR/RpuY30Ct5cAlON/p6rVPyVeCa96/ADzmgQvB1rh70mFmzg00
vF6vlOyIOWQIgHrJcLG78f1eh6caWaoFl6mDA1Q/VwtX/98wUDw=
=4ie5
-----END PGP SIGNATURE-----
--- End Message ---
Reply to: