Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 25 Mar 2022 07:09:27 +0000
From:      bugzilla-noreply@freebsd.org
To:        ports-bugs@FreeBSD.org
Subject:   [Bug 260590] URGENT graphics/p5-Image-ExifTool security update needs commit since February, Request MAINTAINER'ship
Message-ID:  <bug-260590-7788-2kDilWwlqY@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-260590-7788@https.bugs.freebsd.org/bugzilla/>
References:  <bug-260590-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D260590

--- Comment #12 from commit-hook@FreeBSD.org ---
A commit in branch main references this bug:

URL:
https://cgit.FreeBSD.org/ports/commit/?id=3D53cfad57e02981559cf37679830b9b4=
9496218f3

commit 53cfad57e02981559cf37679830b9b49496218f3
Author:     Rafael Grether <devnull@apt322.org>
AuthorDate: 2022-01-29 17:33:17 +0000
Commit:     Tobias C. Berner <tcberner@FreeBSD.org>
CommitDate: 2022-03-25 07:06:40 +0000

    graphics/p5-Image-ExifTool: update to 12.30

    ExifTool is a platform-independent Perl library plus a command-line
application
    for reading, writing and editing meta information in a wide variety of
files.

    ExifTool is at version 12.30 in production release.
    Besides minor fixes and improvements, this release is about security fi=
xes.

    CVE-2021-22204
    Anyone using ExifTool (Version 12.24) can be triggered with a valid ima=
ge
    leading to arbitrary code execution, through
    improper neutralization of user data in the DjVu file format

    Other security fixes without CVE related.

    * Give maintainership to Rafael Grether

    Approved by:    evin@sevenlayer.studio (maintainer, timeout)
    PR:             260590
    Security:       CVE-2021-22204

 graphics/p5-Image-ExifTool/Makefile  |  6 +++---
 graphics/p5-Image-ExifTool/distinfo  |  6 +++---
 graphics/p5-Image-ExifTool/pkg-descr | 27 +++++++++++++++------------
 graphics/p5-Image-ExifTool/pkg-plist | 14 ++++++++++++--
 4 files changed, 33 insertions(+), 20 deletions(-)

--=20
You are receiving this mail because:
You are on the CC list for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-260590-7788-2kDilWwlqY>