Context Navigation

← Previous Ticket
Next Ticket →

#18825 closed enhancement (fixed)

exiv2-0.28.1

Reported by:	Bruce Dubbs	Owned by:	Douglas R. Reno
Priority:	elevated	Milestone:	12.1
Component:	BOOK	Version:	git
Severity:	normal	Keywords:
Cc:

Description

New point version.

Change History (8)

comment:1 by Xi Ruoyao, 6 months ago

There's no https://github.com/Exiv2/exiv2/releases/download/v0.28.1/exiv2-0.28.1-Source.tar.gz (yet).

comment:2 by Xi Ruoyao, 6 months ago

https://github.com/Exiv2/exiv2/archive/v0.28.1/exiv2-0.28.1.tar.gz works.

comment:3 by Xi Ruoyao, 6 months ago

There is a test suite in 0.28.1:

$ make test
Running tests...
Test project /home/xry111/sources/12.1/exiv2-0.28.1/b
    Start 1: bugfixTests
1/5 Test #1: bugfixTests ......................   Passed    5.24 sec
    Start 2: lensTests
2/5 Test #2: lensTests ........................   Passed    0.13 sec
    Start 3: tiffTests
3/5 Test #3: tiffTests ........................   Passed    0.09 sec
    Start 4: versionTests
4/5 Test #4: versionTests .....................   Passed    0.08 sec
    Start 5: regressionTests
5/5 Test #5: regressionTests ..................   Passed    2.25 sec

100% tests passed, 0 tests failed out of 5

Total Test time (real) =   7.78 sec

follow-up: 7 comment:4 by Xi Ruoyao, 6 months ago

There is a meson-based building system now, but the upstream says:

It is currently incomplete. Tests are not implemented yet. The library and executable are.

So switching to meson now seems premature. But maybe it's enough to demote cmake to recommended instead of required.

comment:5 by Xi Ruoyao, 6 months ago

Priority:	normal → elevated

Release Notes: https://github.com/Exiv2/exiv2/issues/2813

This release also fixes [CVE-2023-44398](https://github.com/Exiv2/exiv2/security/advisories/GHSA-hrw9-ggg3-3r4r), an out-of-bounds write in BmffImage::brotliUncompress. The vulnerability is in new code that was added in version 0.28.0, so earlier versions of Exiv2 are not affected.

comment:6 by Douglas R. Reno, 6 months ago

Owner:	changed from blfs-book to Douglas R. Reno
Status:	new → assigned

in reply to: 4 comment:7 by Bruce Dubbs, 6 months ago

Replying to Xi Ruoyao:

There is a meson-based building system now, but the upstream says:

It is currently incomplete. Tests are not implemented yet. The library and executable are.

So switching to meson now seems premature. But maybe it's enough to demote cmake to recommended instead of required.

Let's leave cmake as required for now. We can update that when the meson build is complete. I really don't see changing to meson when it is complete unless upstream stops supporting cmake.

comment:8 by Douglas R. Reno, 6 months ago

Resolution:	→ fixed
Status:	assigned → closed

Fixed at 4b67e8bf43afdaa2d979555e25d70bf1fd876187

SA-12.0-038 issued

Note: See TracTickets for help on using tickets.

Download in other formats: