[Bug 250616] graphics/jpeg: update or remove
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sun Oct 25 22:45:37 UTC 2020
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=250616
Bug ID: 250616
Summary: graphics/jpeg: update or remove
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Keywords: security
Severity: Affects Only Me
Priority: ---
Component: Individual Port(s)
Assignee: portmgr at FreeBSD.org
Reporter: jbeich at FreeBSD.org
Assignee: portmgr at FreeBSD.org
Flags: maintainer-feedback?(portmgr at FreeBSD.org)
v8d was released on 2012-01-15 while v9d (current) was released on 2020-01-12.
The version in ports is vulnerable to at least CVE-2020-14152 and
CVE-2020-14153.
If you plan to update also add USES=cpe with CPE_VENDOR=ijg
CPE_PRODUCT=libjpeg. Alternatively, there's no reason to keep this port after
ports r397084 with review D18724 partially confirimng lack of interest.
https://www.ijg.org/files/
https://repology.org/project/jpeg/versions
https://nvd.nist.gov/vuln/search/results?form_type=Advanced&results_type=overview&seach_type=all&query=cpe:2.3:a:ijg:libjpeg:8d
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list