Date: Sun, 25 Oct 2020 22:45:36 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 250616] graphics/jpeg: update or remove Message-ID: <bug-250616-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D250616 Bug ID: 250616 Summary: graphics/jpeg: update or remove Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Keywords: security Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: portmgr@FreeBSD.org Reporter: jbeich@FreeBSD.org Assignee: portmgr@FreeBSD.org Flags: maintainer-feedback?(portmgr@FreeBSD.org) v8d was released on 2012-01-15 while v9d (current) was released on 2020-01-= 12. The version in ports is vulnerable to at least CVE-2020-14152 and CVE-2020-14153. If you plan to update also add USES=3Dcpe with CPE_VENDOR=3Dijg CPE_PRODUCT=3Dlibjpeg. Alternatively, there's no reason to keep this port a= fter ports r397084 with review D18724 partially confirimng lack of interest. https://www.ijg.org/files/ https://repology.org/project/jpeg/versions https://nvd.nist.gov/vuln/search/results?form_type=3DAdvanced&results_type= =3Doverview&seach_type=3Dall&query=3Dcpe:2.3:a:ijg:libjpeg:8d --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-250616-7788>