'Re: DSA-3708-1 mat -- security update (What are MAT users to do)?'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       debian-security
Subject:    Re: DSA-3708-1 mat -- security update (What are MAT users to do)?
From:       Stephen Dowdy <sdowdy () ucar ! edu>
Date:       2016-11-13 16:28:34
Message-ID: CA+CZZDY301-0w8vPRiBB=iZWuFtSKapcA75s+VesAAAbL5v4DA () mail ! gmail ! com
[Download RAW message or body]

> On Sun, Nov 13, 2016 at 5:47 AM, intrigeri <intrigeri@debian.org> wrote:
> Robert Haist:
> > For PDFs you can use exiftool from the libimage-exiftool-perl to remove
> > metadata:
> >       exiftool -all= example.pdf
> > This works for me.
>
> Does this address the problem (metadata in embedded images) that
> triggered us from removing this functionality from MAT?

Assuming the documentation is correct, the manpage for exiftool states:

>            3) Changes to PDF files are reversible because the original
information is never actually deleted from the file.  >               So
ExifTool alone may not be used to securely edit metadata in PDF files.

that sounds like a "NO".  :-(

--stephen



-- 
Stephen Dowdy  -  Systems Administrator  -  NCAR/RAL
303.497.2869   -  sdowdy@ucar.edu        -  http://www.ral.ucar.edu/~sdowdy/

[Attachment #3 (text/html)]

<div dir="ltr"><div class="gmail_default" style="font-family:monospace,monospace">&gt; On Sun, \
Nov 13, 2016 at 5:47 AM, intrigeri &lt;<a \
href="mailto:intrigeri@debian.org">intrigeri@debian.org</a>&gt; wrote:<br>&gt; Robert \
Haist:<br>&gt; &gt; For PDFs you can use exiftool from the libimage-exiftool-perl to \
remove<br>&gt; &gt; metadata:<br>&gt; &gt;             exiftool -all= example.pdf<br>&gt; &gt; \
This works for me.<br>&gt; <br>&gt; Does this address the problem (metadata in embedded images) \
that<br>&gt; triggered us from removing this functionality from MAT?<br> <br>Assuming the \
documentation is correct, the manpage for exiftool states:<br><br>&gt;                       3) \
Changes to PDF files are reversible because the original information is never actually deleted \
from the file.   &gt;                             So ExifTool alone may not be used to securely \
edit metadata in PDF files.<br><br></div><div class="gmail_default" \
style="font-family:monospace,monospace">that sounds like a &quot;NO&quot;.   \
:-(<br><br></div><div class="gmail_default" \
style="font-family:monospace,monospace">--stephen<br></div><div class="gmail_extra"><br><br \
clear="all"><br>-- <br><div class="gmail_signature">Stephen Dowdy   -   Systems Administrator   \
-   NCAR/RAL<br>303.497.2869     -   <a href="mailto:sdowdy@ucar.edu" \
target="_blank">sdowdy@ucar.edu</a>            -   <a href="http://www.ral.ucar.edu/%7Esdowdy/" \
target="_blank">http://www.ral.ucar.edu/~sdowdy/</a><br><br><br></div> </div></div>



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic