pkgsrc-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Update graphics/exiv2 to 0.25 (security related)



-organize still works, I have imported your patch. Now pending a pullup.

On Fri, Oct 2, 2015 at 10:08 PM, Benny Siegert <bsiegert%gmail.com@localhost> wrote:
> Did you tests that exiv2-organize (which is based on the same
> Makefile.common) still works?
>
> On Fri, Oct 2, 2015 at 6:45 AM, Timo Buhrmester <fstd.lkml%gmail.com@localhost> wrote:
>> The attached patch updates graphics/exiv2 from 0.24 to 0.25, which should fix
>>> Package exiv2-0.24 has a heap-overflow vulnerability, see http://dev.exiv2.org/issues/960
>>
>> (but probably not)
>>> Package exiv2-0.24 has a buffer-overflow vulnerability, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781123
>>
>> This is the first time I'm updating a package I didn't create myself, so it would probably be good if someone gave it a quick look whether it looks reasonable.
>
>
>
> --
> The first essential in chemistry is that you should perform practical
> work and conduct experiments, for he who performs not practical work
> nor makes experiments will never attain the least degree of mastery.
>         -- Abu Musa Jabir ibn Hayyan (721-815)



-- 
The first essential in chemistry is that you should perform practical
work and conduct experiments, for he who performs not practical work
nor makes experiments will never attain the least degree of mastery.
        -- Abu Musa Jabir ibn Hayyan (721-815)


Home | Main Index | Thread Index | Old Index