openSUSE 10 Security Update : libexif (libexif-4886)
Medium Nessus Plugin ID 29958
SynopsisThe remote openSUSE host is missing a security update.
DescriptionTwo bugs in libexif were identified by a Google Security Audit done by Meder Kydyraliev.
CVE-2007-6351: Loading EXIF data could be used to cause a infinite recursion and crash CVE-2007-6352: Integer overflows in the thumbnail handler could be used to overflow buffers and potentially execute code or crash a program using libexif.
SolutionUpdate the affected libexif packages.