svn commit: r526229 - in branches/2020Q1/graphics/libexif: . files
Danilo G. Baio
dbaio at FreeBSD.org
Sat Feb 15 16:28:42 UTC 2020
Author: dbaio
Date: Sat Feb 15 16:28:41 2020
New Revision: 526229
URL: https://svnweb.freebsd.org/changeset/ports/526229
Log:
MFH: r526071
graphics/libexif: Fix security vulnerabilities
- Fix CVE-2019-9278
In libexif, there is a possible out of bounds write due to an integer
overflow. This could lead to remote escalation of privilege in the media
content provider with no additional execution privileges needed. User
interaction is needed for exploitation.
- Fix a buffer read overflow in exif_entry_get_value
- Fix a buffer overread in exif_mnote_data_olympus_load
PR: 244060
Reported by: tj at mrsk.me (email)
Approved by: former maintainer
Security: 00f30cba-4d23-11ea-86ba-641c67a117d8
Approved by: ports-secteam (blanket, backport of security fixes)
Added:
branches/2020Q1/graphics/libexif/files/
- copied from r526071, head/graphics/libexif/files/
Modified:
branches/2020Q1/graphics/libexif/Makefile
Directory Properties:
branches/2020Q1/ (props changed)
Modified: branches/2020Q1/graphics/libexif/Makefile
==============================================================================
--- branches/2020Q1/graphics/libexif/Makefile Sat Feb 15 16:05:44 2020 (r526228)
+++ branches/2020Q1/graphics/libexif/Makefile Sat Feb 15 16:28:41 2020 (r526229)
@@ -3,11 +3,11 @@
PORTNAME= libexif
PORTVERSION= 0.6.21
-PORTREVISION= 4
+PORTREVISION= 5
CATEGORIES= graphics
MASTER_SITES= SF
-MAINTAINER= marius at nuenneri.ch
+MAINTAINER= dbaio at FreeBSD.org
COMMENT= Library to read digital camera file meta-data
LICENSE= LGPL21
More information about the svn-ports-branches
mailing list