[Bug 260590] URGENT graphics/p5-Image-ExifTool security update needs commit since February, Request MAINTAINER'ship

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 260590] graphics/p5-Image-ExifTool: Update to 12.30"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Fri, 25 Mar 2022 07:09:27 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260590

--- Comment #12 from commit-hook@FreeBSD.org ---
A commit in branch main references this bug:

URL:
https://cgit.FreeBSD.org/ports/commit/?id=53cfad57e02981559cf37679830b9b49496218f3

commit 53cfad57e02981559cf37679830b9b49496218f3
Author:     Rafael Grether <devnull@apt322.org>
AuthorDate: 2022-01-29 17:33:17 +0000
Commit:     Tobias C. Berner <tcberner@FreeBSD.org>
CommitDate: 2022-03-25 07:06:40 +0000

    graphics/p5-Image-ExifTool: update to 12.30

    ExifTool is a platform-independent Perl library plus a command-line
application
    for reading, writing and editing meta information in a wide variety of
files.

    ExifTool is at version 12.30 in production release.
    Besides minor fixes and improvements, this release is about security fixes.

    CVE-2021-22204
    Anyone using ExifTool (Version 12.24) can be triggered with a valid image
    leading to arbitrary code execution, through
    improper neutralization of user data in the DjVu file format

    Other security fixes without CVE related.

    * Give maintainership to Rafael Grether

    Approved by:    evin@sevenlayer.studio (maintainer, timeout)
    PR:             260590
    Security:       CVE-2021-22204

 graphics/p5-Image-ExifTool/Makefile  |  6 +++---
 graphics/p5-Image-ExifTool/distinfo  |  6 +++---
 graphics/p5-Image-ExifTool/pkg-descr | 27 +++++++++++++++------------
 graphics/p5-Image-ExifTool/pkg-plist | 14 ++++++++++++--
 4 files changed, 33 insertions(+), 20 deletions(-)

-- 
You are receiving this mail because:
You are on the CC list for the bug.