From nobody Sat Jan 29 17:58:32 2022 X-Original-To: ports-bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id A56901984210 for ; Sat, 29 Jan 2022 17:58:33 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JmMWX5P8Vz3mgk for ; Sat, 29 Jan 2022 17:58:32 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 1704C1A139 for ; Sat, 29 Jan 2022 17:58:32 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 20THwVKr004898 for ; Sat, 29 Jan 2022 17:58:31 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 20THwVpB004897 for ports-bugs@FreeBSD.org; Sat, 29 Jan 2022 17:58:31 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 260590] graphics/p5-Image-ExifTool: Update to 12.30, Request MAINTAINER'ship Date: Sat, 29 Jan 2022 17:58:32 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: needs-patch, needs-qa, security X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: devnull@apt322.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: Normal X-Bugzilla-Assigned-To: ports-bugs@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback- maintainer-feedback? maintainer-feedback+ merge-quarterly? X-Bugzilla-Changed-Fields: flagtypes.name Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Ports bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-ports-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-ports-bugs@freebsd.org X-BeenThere: freebsd-ports-bugs@freebsd.org MIME-Version: 1.0 ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1643479113; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=xIWDyiMf97p5o7LcjmwB2l009/VlsxSU1N3JD9T4+8o=; b=jldeUWYcIEpplwML4c8JJzsTkoSK8Pqr2i8lP9pCyegFu3CWe9OD3qV+APzcrmcsw7Z+z5 Svpx8nOILZ1l3jx2lhCSRb3WGxYnSjcx6FrZI6ZGkfvVuMnJ9PgJtjoOru+2W4hrWRY3E1 XHRHazohiGjL0k99tSgKLhQ0eOHDUF4Vr3fHZCysKS2Jr1cfxrs4+dSXqTYkWlx4EUjMs3 CG/UhTuH40wP9JGDydi8eU6Blh9S68CymmjhHn40h75Q8q9MIDeG+u5cG9/ZsDn718u3X5 TIKqR8BdMKcZ01JcvEmV5unLQzISzS3EZX2Cf2IWnT2IyjAtuxrndgwsD98W+A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1643479113; a=rsa-sha256; cv=none; b=r5Li7rDGC7Oo1Sew8J+iBWmpHrJXZVJS92hReXKojt9ADeKdUBaRHcpIHCdFh1yKg3xn/P gbaryPm6Ir3h6+m7lJ1dlujFS81K/lwDUwZxogVNxoXmlQSh6HGvT01MhZ4LWPa9eE1FAf 077cxCf8HbOlCFafNX/i/5Woe45ULZgVgo5AUa9huDdjet2LSTFeC91gLb7CJ9ZkgbF/Iz QB8dWaT4ukkHpzSBWlGpahPKGH6wjgfyf2qf4rQ3xFB+XnrSxT1bPv2Spo2hS+PgHI80nw Y914r1XEt/c86oSqFy/IQWMHdzlkn8l5z/VeKL6QeJUW5jXQkIxhZr5eyQbo8Q== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D260590 Rafael Grether changed: What |Removed |Added ---------------------------------------------------------------------------- Flags|maintainer-feedback?(devin@ |maintainer-feedback-, |sevenlayer.studio), |maintainer-feedback+ |maintainer-feedback?(devnul | |l@apt322.org) | --- Comment #7 from Rafael Grether --- ports-secteam, since the maintainer did not respond, please commit these changes and change the maintainer. Last commit with QA adjustment. ExifTool is at version 12.30 in production release. Besides minor fixes and improvements, this release is about security fixes. CVE-2021-22204 Anyone using ExifTool (Version 12.24) can be triggered with a valid image leading to arbitrary code execution, through improper neutralization of user data in the DjVu file format --=20 You are receiving this mail because: You are the assignee for the bug.=