[Bug 255803] graphics/p5-Image-ExifTool: Update to 12.25

Tue May 11 21:24:21 UTC 2021

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255803

            Bug ID: 255803
           Summary: graphics/p5-Image-ExifTool: Update to 12.25
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs at FreeBSD.org
          Reporter: feld at FreeBSD.org
                CC: devin at sevenlayer.studio
             Flags: maintainer-feedback?(devin at sevenlayer.studio)
                CC: devin at sevenlayer.studio

Created attachment 224861
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=224861&action=edit
exiftool patch

I only suggest we bump to 12.25 which is a development release instead of the
latest production release because there is a severe security bug that has only
been fixed in development releases.

https://exiftool.org/history.html  <-- still lists 12.16 as latest

https://seclists.org/oss-sec/2021/q2/114

I am told that this is exploitable with specially crafted files that are not
DJVU -- like common formats of JPEG, PNG, etc -- but I haven't found a public
PoC for that.

-- 
You are receiving this mail because:
You are the assignee for the bug.