[Bug 260590] URGENT graphics/p5-Image-ExifTool security update needs commit since February, Request MAINTAINER'ship

From: <bugzilla-noreply_at_freebsd.org>
Date: Fri, 25 Mar 2022 07:09:30 UTC

--- Comment #14 from commit-hook@FreeBSD.org ---
A commit in branch 2022Q1 references this bug:


commit 96447b146b5cb4f0eff34a16057f3b04f79538ea
Author:     Rafael Grether <devnull@apt322.org>
AuthorDate: 2022-01-29 17:33:17 +0000
Commit:     Tobias C. Berner <tcberner@FreeBSD.org>
CommitDate: 2022-03-25 07:08:58 +0000

    graphics/p5-Image-ExifTool: update to 12.30

    ExifTool is a platform-independent Perl library plus a command-line
    for reading, writing and editing meta information in a wide variety of

    ExifTool is at version 12.30 in production release.
    Besides minor fixes and improvements, this release is about security fixes.

    Anyone using ExifTool (Version 12.24) can be triggered with a valid image
    leading to arbitrary code execution, through
    improper neutralization of user data in the DjVu file format

    Other security fixes without CVE related.

    * Give maintainership to Rafael Grether

    Approved by:    evin@sevenlayer.studio (maintainer, timeout)
    PR:             260590
    Security:       CVE-2021-22204

    (cherry picked from commit 53cfad57e02981559cf37679830b9b49496218f3)

 graphics/p5-Image-ExifTool/Makefile  |  6 +++---
 graphics/p5-Image-ExifTool/distinfo  |  6 +++---
 graphics/p5-Image-ExifTool/pkg-descr | 27 +++++++++++++++------------
 graphics/p5-Image-ExifTool/pkg-plist | 14 ++++++++++++--
 4 files changed, 33 insertions(+), 20 deletions(-)

You are receiving this mail because:
You are on the CC list for the bug.