Gentoo Linux Security Advisory 201401-10 - Multiple vulnerabilities have been found in libexif and exif, some of which may allow execution of arbitrary code. Versions less than 0.6.21 are affected.
8e049747b64ce62958b8188f01ce787852d0b8fe60a51cc5691962b2625a6ff0
Mandriva Linux Security Advisory 2013-036 - An integer overflow in the function jpeg_data_load_data in the exif program could cause a data read beyond the end of a buffer, causing an application crash or leakage of potentially sensitive information when parsing a crafted JPEG file. The updated packages have been upgraded to the 0.6.21 version which is not vulnerable to this issue.
754944eef269681687b7e7fce622ad18c60808cb575b176e05056d26a1560f49
Slackware Security Advisory - New libexif packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.
432c888fca3acb53d1dbcdc76f8ea6c6b19a0fb1b46e33e9d69dedb3d9cddaff
A large amount of heap and buffer overflows along with denial of service conditions have been addressed in libexif. Versions 0.6.20 and below are affected.
7c6eb35c0114a47e761fa33fe4d24e97391d0ae94702f7a6c5114836348d9739
Mandriva Linux Security Advisory 2012-107 - An integer overflow in the function jpeg_data_load_data in the exif program could cause a data read beyond the end of a buffer, causing an application crash or leakage of potentially sensitive information when parsing a crafted JPEG file. The updated packages have been upgraded to the 0.6.21 version which is not vulnerable to this issue.
b2dc97f87485b52e2552d28d3ed742ece7d392a5a8d9f71352f4c71ba1e77497