[Bug 260590] URGENT graphics/p5-Image-ExifTool security update needs commit since February, Request MAINTAINER'ship
- In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 260590] graphics/p5-Image-ExifTool: Update to 12.30"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 25 Mar 2022 07:09:30 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260590
--- Comment #14 from commit-hook@FreeBSD.org ---
A commit in branch 2022Q1 references this bug:
URL:
https://cgit.FreeBSD.org/ports/commit/?id=96447b146b5cb4f0eff34a16057f3b04f79538ea
commit 96447b146b5cb4f0eff34a16057f3b04f79538ea
Author: Rafael Grether <devnull@apt322.org>
AuthorDate: 2022-01-29 17:33:17 +0000
Commit: Tobias C. Berner <tcberner@FreeBSD.org>
CommitDate: 2022-03-25 07:08:58 +0000
graphics/p5-Image-ExifTool: update to 12.30
ExifTool is a platform-independent Perl library plus a command-line
application
for reading, writing and editing meta information in a wide variety of
files.
ExifTool is at version 12.30 in production release.
Besides minor fixes and improvements, this release is about security fixes.
CVE-2021-22204
Anyone using ExifTool (Version 12.24) can be triggered with a valid image
leading to arbitrary code execution, through
improper neutralization of user data in the DjVu file format
Other security fixes without CVE related.
* Give maintainership to Rafael Grether
Approved by: evin@sevenlayer.studio (maintainer, timeout)
PR: 260590
Security: CVE-2021-22204
(cherry picked from commit 53cfad57e02981559cf37679830b9b49496218f3)
graphics/p5-Image-ExifTool/Makefile | 6 +++---
graphics/p5-Image-ExifTool/distinfo | 6 +++---
graphics/p5-Image-ExifTool/pkg-descr | 27 +++++++++++++++------------
graphics/p5-Image-ExifTool/pkg-plist | 14 ++++++++++++--
4 files changed, 33 insertions(+), 20 deletions(-)
--
You are receiving this mail because:
You are on the CC list for the bug.