---------------------------------------------------------------------- Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/ The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications. ---------------------------------------------------------------------- TITLE: SUSE update for libexif SECUNIA ADVISORY ID: SA25932 VERIFY ADVISORY: http://secunia.com/advisories/25932/ CRITICAL: Moderately critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: SUSE Linux 10 http://secunia.com/product/6221/ SUSE Linux 10.1 http://secunia.com/product/10796/ openSUSE 10.2 http://secunia.com/product/13375/ SuSE Linux Enterprise Server 8 http://secunia.com/product/1171/ SuSE Linux Openexchange Server 4.x http://secunia.com/product/2001/ SuSE Linux Desktop 1.x http://secunia.com/product/2002/ SuSE Linux Standard Server 8 http://secunia.com/product/2526/ SUSE Linux Enterprise Server 9 http://secunia.com/product/4118/ SUSE Linux Enterprise Server 10 http://secunia.com/product/12192/ UnitedLinux 1.0 http://secunia.com/product/2003/ SOFTWARE: Novell Open Enterprise Server http://secunia.com/product/4664/ DESCRIPTION: SUSE has issued an update for libexif. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. For more information: SA25235 SA25642 SOLUTION: Apply updated packages. x86 Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/libexif-0.6.14-20.i586.rpm 8b51ea8c00917b92f2c6f917dc6c7075 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/libexif5-0.5.12-39.i586.rpm 2f664181c05adba466688d72acba0290 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/libexif-0.6.13-20.6.i586.rpm 19c460b7303a61f73aa6e8fc608c19e6 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/libexif5-0.5.12-17.7.i586.rpm 94ef6e0db31f9a27cfe918127e111ae8 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/libexif-0.6.13-5.6.i586.rpm 828b66ebbcf65165265b2626d5cfd128 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/libexif5-0.5.12-5.3.i586.rpm 2ee753118e36046fde13e7baf776198e Power PC Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/libexif-0.6.14-20.ppc.rpm 8b4fd53fe4d613e8265cca92e4125eed ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/libexif5-0.5.12-39.ppc.rpm 23907dd0364b4abc001ad0e1fefc559f SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/libexif-0.6.13-20.6.ppc.rpm 6dfe90de0ec18f6b62545d41c1ce0451 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/libexif5-0.5.12-17.7.ppc.rpm 5b16777269b81781ab22e1199bae4744 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/libexif-0.6.13-5.6.ppc.rpm 66758e06bf81296b0f785c4f9be1f6e4 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/libexif5-0.5.12-5.3.ppc.rpm 088582470dcb34f117d7914dc0314fd8 x86-64 Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/libexif-0.6.14-20.x86_64.rpm 281b4a175bc3ee533c2bc013045cb56f ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/libexif-32bit-0.6.14-20.x86_64.rpm af8ca717ed67c7daf8162264d8c9aad0 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/libexif5-0.5.12-39.x86_64.rpm 62cb1d299cfb85754d2f99fc954f9786 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/libexif-0.6.13-20.6.x86_64.rpm 9b758ea30cd441c9d43d0320b4660878 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/libexif-32bit-0.6.13-20.6.x86_64.rpm 7b7666c817078d8ce07026a823dd9b4d ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/libexif5-0.5.12-17.7.x86_64.rpm 2166b456ee47fe57d4557ede76e54a13 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/libexif-0.6.13-5.6.x86_64.rpm 5b52f417442e5b6e4c5aebcad9577696 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/libexif-32bit-0.6.13-5.6.x86_64.rpm 6785cb87dd30b864171f79cd7b5c3535 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/libexif5-0.5.12-5.3.x86_64.rpm e1f59baef428fa1c02d06f83f3aeee59 Sources: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/libexif-0.6.14-20.src.rpm 1feda79286d3d993eaed1e6c9d9b6477 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/libexif5-0.5.12-39.src.rpm 7f2a0b31dab5845cd281926e91f181b7 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/libexif-0.6.13-20.6.src.rpm 78bf6de918f018177b3151eed8cf7709 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/libexif5-0.5.12-17.7.src.rpm ac32eee3053e9ec1c28363fbddcc7d0d SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/libexif-0.6.13-5.6.src.rpm 8f901b2be54e9ea36539723f2fe63e5f ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/libexif5-0.5.12-5.3.src.rpm aa25a73a0f84cfe83728d94bbd69a454 SLE SDK 10 SP1 http://support.novell.com/techcenter/psdb/f4ec1eac6e651c2a2747f2e56275d1c4.html SUSE Linux Enterprise Server 10 SP1 http://support.novell.com/techcenter/psdb/f4ec1eac6e651c2a2747f2e56275d1c4.html http://support.novell.com/techcenter/psdb/bfd3d663c28c43bc07ad75413eec677a.html SUSE Linux Enterprise Desktop 10 SP1 http://support.novell.com/techcenter/psdb/bfd3d663c28c43bc07ad75413eec677a.html UnitedLinux 1.0 http://support.novell.com/techcenter/psdb/d2186e8218d131e17a5524c43a27b841.html SuSE Linux Openexchange Server 4 http://support.novell.com/techcenter/psdb/d2186e8218d131e17a5524c43a27b841.html Open Enterprise Server http://support.novell.com/techcenter/psdb/d2186e8218d131e17a5524c43a27b841.html Novell Linux POS 9 http://support.novell.com/techcenter/psdb/d2186e8218d131e17a5524c43a27b841.html Novell Linux Desktop 9 http://support.novell.com/techcenter/psdb/d2186e8218d131e17a5524c43a27b841.html SuSE Linux Enterprise Server 8 http://support.novell.com/techcenter/psdb/d2186e8218d131e17a5524c43a27b841.html SuSE Linux Standard Server 8 http://support.novell.com/techcenter/psdb/d2186e8218d131e17a5524c43a27b841.html SuSE Linux School Server http://support.novell.com/techcenter/psdb/d2186e8218d131e17a5524c43a27b841.html SUSE LINUX Retail Solution 8 http://support.novell.com/techcenter/psdb/d2186e8218d131e17a5524c43a27b841.html SuSE Linux Desktop 1.0 http://support.novell.com/techcenter/psdb/d2186e8218d131e17a5524c43a27b841.html SUSE SLES 9 http://support.novell.com/techcenter/psdb/d2186e8218d131e17a5524c43a27b841.html ORIGINAL ADVISORY: http://www.novell.com/linux/security/advisories/2007_39_libexif.html OTHER REFERENCES: SA25235: http://secunia.com/advisories/25235/ SA25642: http://secunia.com/advisories/25642/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------