1 |
commit: 5b20f7125508f3a30f11bbb08f89ee86ad68d28e |
2 |
Author: Andreas K. Hüttel <dilfridge <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sun May 30 20:34:41 2021 +0000 |
4 |
Commit: Andreas K. Hüttel <dilfridge <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun May 30 21:00:51 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5b20f712 |
7 |
|
8 |
media-libs/exiftool: Remove old |
9 |
|
10 |
Bug: https://bugs.gentoo.org/791397 |
11 |
Package-Manager: Portage-3.0.18, Repoman-3.0.2 |
12 |
Signed-off-by: Andreas K. Hüttel <dilfridge <AT> gentoo.org> |
13 |
|
14 |
media-libs/exiftool/Manifest | 1 - |
15 |
media-libs/exiftool/exiftool-12.16-r1.ebuild | 27 ------------------- |
16 |
.../files/exiftool-12.16-CVE-2021-22204.patch | 30 ---------------------- |
17 |
3 files changed, 58 deletions(-) |
18 |
|
19 |
diff --git a/media-libs/exiftool/Manifest b/media-libs/exiftool/Manifest |
20 |
index c696d302572..c4c4e2179f3 100644 |
21 |
--- a/media-libs/exiftool/Manifest |
22 |
+++ b/media-libs/exiftool/Manifest |
23 |
@@ -1,2 +1 @@ |
24 |
-DIST Image-ExifTool-12.16.tar.gz 4888506 BLAKE2B d262f087b4334c01ed927945aa0b072c90eaf7322af017030ef193b8b20fc7ce7008b69c483bc83d1dbe0ceab5bcb7e894e5085cae853a1d9d74f72b9c8a360e SHA512 adfd21834ccf06277903712b3c5e328b29c56f3b30ee68f6802dca0820823b627622e55f53238690525d1d19df2a59cb57f9d80a1bb2e99da37fb7d963ee16ee |
25 |
DIST Image-ExifTool-12.26.tar.gz 4933296 BLAKE2B e45683243b82f8276aee498d52a88d5b34eaf8b28aebdd631f70e30bb91ceb52224dc994ed189b914f024be4eb471b07bf9f1d860d96af2ab211e482b9ea194e SHA512 15bbff738e151d3ed5c77a17c99ded6cc3da2050fe7df94c42aea544aa31d7f539d70d07fd5336ae018af05b7f168712f1367046d8004861fce58442c03f82bd |
26 |
|
27 |
diff --git a/media-libs/exiftool/exiftool-12.16-r1.ebuild b/media-libs/exiftool/exiftool-12.16-r1.ebuild |
28 |
deleted file mode 100644 |
29 |
index b834f5c9407..00000000000 |
30 |
--- a/media-libs/exiftool/exiftool-12.16-r1.ebuild |
31 |
+++ /dev/null |
32 |
@@ -1,27 +0,0 @@ |
33 |
-# Copyright 1999-2021 Gentoo Authors |
34 |
-# Distributed under the terms of the GNU General Public License v2 |
35 |
- |
36 |
-EAPI=7 |
37 |
- |
38 |
-DIST_NAME=Image-ExifTool |
39 |
-inherit perl-module |
40 |
- |
41 |
-DESCRIPTION="Read and write meta information in image, audio and video files" |
42 |
-HOMEPAGE="https://exiftool.org/" |
43 |
-SRC_URI="https://exiftool.org/${DIST_P}.tar.gz" |
44 |
- |
45 |
-SLOT="0" |
46 |
-KEYWORDS="amd64 arm64 ppc ppc64 x86 ~x64-macos" |
47 |
-IUSE="doc" |
48 |
- |
49 |
-PATCHES=( "${FILESDIR}"/exiftool-12.16-CVE-2021-22204.patch ) |
50 |
- |
51 |
-SRC_TEST="do" |
52 |
- |
53 |
-src_install() { |
54 |
- perl-module_src_install |
55 |
- use doc && dodoc -r html/ |
56 |
- |
57 |
- insinto /usr/share/${PN} |
58 |
- doins -r fmt_files config_files arg_files |
59 |
-} |
60 |
|
61 |
diff --git a/media-libs/exiftool/files/exiftool-12.16-CVE-2021-22204.patch b/media-libs/exiftool/files/exiftool-12.16-CVE-2021-22204.patch |
62 |
deleted file mode 100644 |
63 |
index 1c9e7921c6b..00000000000 |
64 |
--- a/media-libs/exiftool/files/exiftool-12.16-CVE-2021-22204.patch |
65 |
+++ /dev/null |
66 |
@@ -1,30 +0,0 @@ |
67 |
-Description: Fix 'eval injection". |
68 |
- CVE-2021-22204: Improper neutralization of user data in the DjVu file |
69 |
- format in ExifTool versions 7.44 and up allows arbitrary code execution |
70 |
- when parsing the malicious image |
71 |
-Origin: upstream release 12.24 |
72 |
-Bug-Debian: https://bugs.debian.org/987505 |
73 |
-Bug-Ubuntu: https://bugs.launchpad.net/bugs/1925985 |
74 |
-Author: Phil Harvey <philharvey66@×××××.com> |
75 |
-Reviewed-by: gregor herrmann <gregoa@××××××.org> |
76 |
-Last-Update: 2021-04-24 |
77 |
-Applied-Upstream: https://github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a841a25dde031#diff-fa0d652d10dbcd246e6b1df16c1e992931d3bb717a7e36157596b76bdadb3800 |
78 |
- |
79 |
---- a/lib/Image/ExifTool/DjVu.pm |
80 |
-+++ b/lib/Image/ExifTool/DjVu.pm |
81 |
-@@ -227,10 +227,11 @@ |
82 |
- last unless $tok =~ /(\\+)$/ and length($1) & 0x01; |
83 |
- $tok .= '"'; # quote is part of the string |
84 |
- } |
85 |
-- # must protect unescaped "$" and "@" symbols, and "\" at end of string |
86 |
-- $tok =~ s{\\(.)|([\$\@]|\\$)}{'\\'.($2 || $1)}sge; |
87 |
-- # convert C escape sequences (allowed in quoted text) |
88 |
-- $tok = eval qq{"$tok"}; |
89 |
-+ # convert C escape sequences, allowed in quoted text |
90 |
-+ # (note: this only converts a few of them!) |
91 |
-+ my %esc = ( a => "\a", b => "\b", f => "\f", n => "\n", |
92 |
-+ r => "\r", t => "\t", '"' => '"', '\\' => '\\' ); |
93 |
-+ $tok =~ s/\\(.)/$esc{$1}||'\\'.$1/egs; |
94 |
- } else { # key name |
95 |
- pos($$dataPt) = pos($$dataPt) - 1; |
96 |
- # allow anything in key but whitespace, braces and double quotes |