EXIF Tag Parsing Library / News: Recent posts

libexif-gtk 0.4.0 released

The first release in a very long time, this one supports GTK+2 and GTK+3, is supplied with more translations, and fixes a few serious bugs.

Posted by Dan Fandrich 2013-03-07

libexif project security advisory

This is an abbreviated advisory. See http://sourceforge.net/mailarchive/message.php?msg_id=29534027 for more details.

PROBLEM DESCRIPTION

A number of remotely exploitable issues were discovered in libexif and exif, with effects ranging from information leakage to potential remote code execution.

There are no known public exploits of these issues.

AFFECTED VERSIONS

All of the described vulnerabilities affect libexif version 0.6.20, and most affect earlier versions as well.... read more

Posted by Dan Fandrich 2012-07-12

libexif and exif 0.6.21 released

This is a security release that fixes a number of security and stability issues due to buffer overflows, bad pointer dereferences and division-by-zero. It also includes many updated translations and translations for two new locales: en_AU and uk.

Posted by Dan Fandrich 2012-07-12

libexif and exif 0.6.20 released

This release adds more flexibility to the existing exif options and fixes a crash when given bad command-line input. A few libexif bugs are squashed and rational values are now shown with appropriate precision. New translations are added for the bs, ro, & tr locales.

Posted by Dan Fandrich 2010-12-16

libexif project security advisory

PROBLEM DESCRIPTION

A flaw in libexif was discovered that causes a heap buffer to overflow when certain invalid EXIF images are processed. The flaw occurs in the tag fixup routine which attempts to convert in place an array of 8-bit integers into 16-bit integers. This fixup is performed by default after reading an image and until version 0.6.18 there was no easy way to disable it, so it is likely that nearly all applications using libexif to read images are vulnerable.... read more

Posted by Dan Fandrich 2009-11-13

libexif and exif 0.6.19 released

This release fixes a security vulnerability found in libexif 0.6.18, plus manages to squeeze in a substantial performance improvement. Also included are new translations for be, en_GB, it, ja, pt, sq and zh_CN locales.

Posted by Dan Fandrich 2009-11-13

libexif and exif 0.6.18 released

This release's highlights include greatly expanded API documentation and sample programs, improved support for Pentax, Casio and Epson MakerNotes, increased stability in the face of corrupted JPEG files, and proper output alignment in UTF-8 locales. EXIF tag fixup is now more eager in the default case, which means that more mandatory tags are added when needed and others automatically corrected to be of the proper data types. New translations for da, is, it, lv, pt_BR and sr locales are also included.... read more

Posted by Dan Fandrich 2009-10-10

libexif - new design

Hi everybody!

If you are looking for an EXIF library that is well-designed, written in C, supports loading, editing (!) and saving (!), and supports internationalization by design, libexif is what you are looking for.

I still need help regarding manufacturer-specific tags. I imagine this library to be used in various programs (both with GUI and command-line tools), thus reducing the need for reinventing the wheel. If you already have an EXIF implementation, please look into contributing to this library and using it instead of your own implementation.... read more

Posted by Lutz Müller 2002-02-11

AOLserver loadable module

There is now code for an AOLserver loadable module in the 'aolserver' directory.

Posted by Curtis Galloway 2000-10-25