| Message ID | 20240712080641.65080-1-alperyasinak1@gmail.com |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [meta-oe] exiv2: Upgrade 0.28.2 to 0.28.3 for CVE fix | expand |
diff --git a/meta-oe/recipes-support/exiv2/exiv2_0.28.2.bb b/meta-oe/recipes-support/exiv2/exiv2_0.28.3.bb similarity index 86% rename from meta-oe/recipes-support/exiv2/exiv2_0.28.2.bb rename to meta-oe/recipes-support/exiv2/exiv2_0.28.3.bb index faae24799..3e33ab795 100644 --- a/meta-oe/recipes-support/exiv2/exiv2_0.28.2.bb +++ b/meta-oe/recipes-support/exiv2/exiv2_0.28.3.bb @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=625f055f41728f84a8d7938acc35bdc2" DEPENDS = "zlib expat brotli libinih" SRC_URI = "git://github.com/Exiv2/exiv2.git;protocol=https;branch=0.28.x" -SRCREV = "04207b9c39bf7b3b1a7144f7ed4e4f16b4f29ef6" +SRCREV = "a6a79ef064f131ffd03c110acce2d3edb84ffa2e" S = "${WORKDIR}/git" inherit cmake gettext
Release Notes: * https://github.com/Exiv2/exiv2/issues/3008 * https://github.com/Exiv2/exiv2/milestone/14?closed=1 This release also fixes a low-severity security issue in asfvideo.cpp: * [CVE-2024-39695](https://github.com/Exiv2/exiv2/security/advisories/GHSA-38rv-8x93-pvrh): out-of-bounds read in AsfVideo::streamProperties. This vulnerability is in a new feature (ASF video) that was added in version 0.28.0, so earlier versions of Exiv2 are not affected. Signed-off-by: alperak <alperyasinak1@gmail.com> --- .../recipes-support/exiv2/{exiv2_0.28.2.bb => exiv2_0.28.3.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-oe/recipes-support/exiv2/{exiv2_0.28.2.bb => exiv2_0.28.3.bb} (86%)