--- - branch: MAIN date: Tue May 19 11:20:01 UTC 2020 files: - new: '1.48' old: '1.47' path: pkgsrc/graphics/libexif/Makefile pathrev: pkgsrc/graphics/libexif/Makefile@1.48 type: modified - new: '1.22' old: '1.21' path: pkgsrc/graphics/libexif/PLIST pathrev: pkgsrc/graphics/libexif/PLIST@1.22 type: modified - new: '1.32' old: '1.31' path: pkgsrc/graphics/libexif/distinfo pathrev: pkgsrc/graphics/libexif/distinfo@1.32 type: modified - new: '0' old: '1.2' path: pkgsrc/graphics/libexif/patches/patch-libexif_exif-data.c pathrev: pkgsrc/graphics/libexif/patches/patch-libexif_exif-data.c@0 type: deleted id: 20200519T112001Z.7be2556a9ea95a3920350624f31813b55efb1619 log: | libexif: Update to 0.6.22 libexif-0.6.22 (2020-05-18): * New translations: ms * Updated translations for most languages * Fixed C89 compatibility * Fixed warnings on recent versions of autoconf * Some useful EXIF 2.3 tag added: * EXIF_TAG_GAMMA * EXIF_TAG_COMPOSITE_IMAGE * EXIF_TAG_SOURCE_IMAGE_NUMBER_OF_COMPOSITE_IMAGE * EXIF_TAG_SOURCE_EXPOSURE_TIMES_OF_COMPOSITE_IMAGE * EXIF_TAG_GPS_H_POSITIONING_ERROR * EXIF_TAG_CAMERA_OWNER_NAME * EXIF_TAG_BODY_SERIAL_NUMBER * EXIF_TAG_LENS_SPECIFICATION * EXIF_TAG_LENS_MAKE * EXIF_TAG_LENS_MODEL * EXIF_TAG_LENS_SERIAL_NUMBER * Lots of fixes exposed by fuzzers like AFL, ClusterFuzz, OSSFuzz and others. * CVE-2018-20030: Fix for recursion DoS * CVE-2020-13114: Time consumption DoS when parsing canon array markers * CVE-2020-13113: Potential use of uninitialized memory * CVE-2020-13112: Various buffer overread fixes due to integer overflows in maker notes * CVE-2020-0093: read overflow * CVE-2019-9278: replaced integer overflow checks the compiler could optimize away by safer constructs * CVE-2020-12767: fixed division by zero * CVE-2016-6328: fixed integer overflow when parsing maker notes * CVE-2017-7544: fixed buffer overread module: pkgsrc subject: 'CVS commit: pkgsrc/graphics/libexif' unixtime: '1589887201' user: nia