[Secure-testing-team] resolving hard TODOs
Stefan Fritsch
sfritsch at ph.tum.de
Fri Mar 4 09:11:42 UTC 2005
Hi,
On Friday 04 March 2005 01:39, Micah Anderson wrote:
> > > 3. What packages modify JPEG images (CAN-2005-0406)[7]?
> >
> > Might be better to limit this to which ones do not modify the
> > EXIF thumbnail. Otherwise it invites many reduandant emails of
> > "imagemagick and the gimp".
> >
> > Hmm, if we could make a jpeg with an interesting and unique EXIF
> > thumbnail, it would be easy for people to test this in many apps.
> > I don't know how to do that however..
>
> Yeah, I have no clue about this either... I was hoping that if
> replies/follow-ups were sent to debian-devel then people
> would/should read other people's responses before they contributed
> their "gimp" message. I assume that we'll have a certain amount of
> cruft to cut away, but having extra is much better than having
> none, which we have now.
I have created a jpg [1] whith a Debian logo where the thumbnail
contains a green swirl instead of the red one. If the file is loaded
into a program doing the right thing (e.g. gimp) and saved again, the
swirl in the thumbnail turns read. If a program is doing the wrong
thing (e.g. convert [2]), the thumbnail stays green. An even better
demonstration is for example
convert exiftest.jpg -draw "rectangle 0,0 300,300 fill black" out.jpg
draws a black rectangle over the swirl, but the thumbnail in out.jpg
still has the green swirl. What do you think?
I don't know an image viewer that will always use the exif thumbnail.
Konqueror and gwenview will sometimes use the exif thumbnail and
sometimes create their own. The only reliable way to view the
thumbnail I know is "exif -e exiftest.jpg" [2] and look at the
created file.
Cheers,
Stefan
[1] http://www.sfritsch.de/debian/exiftest.jpg
[2] convert is from package "imagemagick" and exif is from "exif"
More information about the Secure-testing-team
mailing list