From nobody Wed Jan 19 00:28:48 2022 X-Original-To: ports-bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4ADB71956015 for ; Wed, 19 Jan 2022 00:28:49 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Jdmhx0H2Gz4j6r for ; Wed, 19 Jan 2022 00:28:49 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id A7B1531F3 for ; Wed, 19 Jan 2022 00:28:48 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 20J0Smnl069820 for ; Wed, 19 Jan 2022 00:28:48 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 20J0SmFt069819 for ports-bugs@FreeBSD.org; Wed, 19 Jan 2022 00:28:48 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 260590] graphics/p5-Image-ExifTool: Update to 12.30 Date: Wed, 19 Jan 2022 00:28:48 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: needs-patch, needs-qa, security X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: koobs@FreeBSD.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: Normal X-Bugzilla-Assigned-To: ports-bugs@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback? merge-quarterly? X-Bugzilla-Changed-Fields: bug_severity bug_status priority bug_file_loc cc keywords flagtypes.name Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Ports bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-ports-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-ports-bugs@freebsd.org X-BeenThere: freebsd-ports-bugs@freebsd.org MIME-Version: 1.0 ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1642552129; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=cz2+BRqfpszA/wViuB2+NnPOf3o9ROMJuMXUD5Ip4h0=; b=jOCrLzKIPNzhtmOcywU89S7tuBtviWqIKQ+jgW6HfImt/2+okMp9hxMivzHKKHLDxBKyAO EENILj9xh3u2EaVY6vRzlVcJ//y7p0vPGM8G3maMs5VoQAkeRfZSqDBQ8yzbQnNyrRp5/4 a6BMfl2dbTYVoJ88r5oaW65qnDSoy5R3JeLwr5e52hrFd/IE3maZC4KFtoL8qgm4DSuy2M mEXcW3IdZQO6CBzEA7PtiaDAx8y14KgNw55yjilkIai9o6ABL45/Wf9IPC+UtjXvqzjAU8 KB4rl04DHsjP8g0ihfWpoPrLC0b9ol7nBlo2KQx0T4bWr4G2h5ub0PFtyet6hA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1642552129; a=rsa-sha256; cv=none; b=IZHmo+u5A32yH8+SGpK3VlQb15YlTCmX5lq/EoqHwLux2ZnZ6Vgsq/x5lJfFR+HD+/KswW HgHOMiFqASpmrWtTjZ+28U9Pnst1uOIH/ZqHeIlZU9vOGMmqP4eBALMZF68OzLvmTGngaY hg7u+LJyN7gOEPV/XX95y5yFp3a3wRUt6J8x8zef0ulHPbB8cVqAE73WN5m8SSVr162Djk OQjWRX/ljIDpzZ7k1/P1tXdOja0dqzucU98gk+cWprXv48lIqMz4NNs8Wbv5zPJvMVSgCH 9AWTBYbVEnIb9OT8sBdoj5ge86oOmhrBcNWmZwGkIKT12phSbSORwHmqu5e5hA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D260590 Kubilay Kocak changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|Affects Only Me |Affects Many People Status|New |Open Priority|--- |Normal URL| |https://metacpan.org/dist/I | |mage-ExifTool/changes CC| |ports-secteam@FreeBSD.org Keywords| |needs-patch, needs-qa, | |security Flags| |merge-quarterly? --- Comment #1 from Kubilay Kocak --- Among a substantial number of bugfixes, there have been multiple security vulnerabilities addressed in versions between current port version and the latest: July 9, 2021 - Version 12.29 .. - Patched a security issue May 20, 2021 - Version 12.26 (production release) .. - Patched security vulnerability in argument of -lang option Apr. 13, 2021 - Version 12.24 ... - Patched security vulnerability in DjVu reader 1) We'll need security/vuxml entries for these along with additional information from upstream on their nature, including CVE and other upstream (issue, pr, commit) reference links where available So that the security changes can be merged to quarterly branch, and given t= here have been some API changes in prior versions, either: - Separation/backporting of the security fixes (commits) separately and pri= or to the version update, OR - Confirmation that the latest version is supported by, and works with all ports that depend on it, so that the latest version can be merged to quarte= rly without regression. --=20 You are receiving this mail because: You are the assignee for the bug.=