Date: Sat, 15 Feb 2020 16:28:42 +0000 (UTC) From: "Danilo G. Baio" <dbaio@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r526229 - in branches/2020Q1/graphics/libexif: . files Message-ID: <202002151628.01FGSgOY084773@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: dbaio Date: Sat Feb 15 16:28:41 2020 New Revision: 526229 URL: https://svnweb.freebsd.org/changeset/ports/526229 Log: MFH: r526071 graphics/libexif: Fix security vulnerabilities - Fix CVE-2019-9278 In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitation. - Fix a buffer read overflow in exif_entry_get_value - Fix a buffer overread in exif_mnote_data_olympus_load PR: 244060 Reported by: tj@mrsk.me (email) Approved by: former maintainer Security: 00f30cba-4d23-11ea-86ba-641c67a117d8 Approved by: ports-secteam (blanket, backport of security fixes) Added: branches/2020Q1/graphics/libexif/files/ - copied from r526071, head/graphics/libexif/files/ Modified: branches/2020Q1/graphics/libexif/Makefile Directory Properties: branches/2020Q1/ (props changed) Modified: branches/2020Q1/graphics/libexif/Makefile ============================================================================== --- branches/2020Q1/graphics/libexif/Makefile Sat Feb 15 16:05:44 2020 (r526228) +++ branches/2020Q1/graphics/libexif/Makefile Sat Feb 15 16:28:41 2020 (r526229) @@ -3,11 +3,11 @@ PORTNAME= libexif PORTVERSION= 0.6.21 -PORTREVISION= 4 +PORTREVISION= 5 CATEGORIES= graphics MASTER_SITES= SF -MAINTAINER= marius@nuenneri.ch +MAINTAINER= dbaio@FreeBSD.org COMMENT= Library to read digital camera file meta-data LICENSE= LGPL21
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202002151628.01FGSgOY084773>