Context Navigation

← Previous Ticket
Next Ticket →

#18825 closed enhancement (fixed)

exiv2-0.28.1

Reported by:	Bruce Dubbs	Owned by:	Douglas R. Reno
Priority:	elevated	Milestone:	12.1
Component:	BOOK	Version:	git
Severity:	normal	Keywords:
Cc:

Description

New point version.

Change History (8)

comment:1 by Xi Ruoyao, 2 years ago

There's no https://github.com/Exiv2/exiv2/releases/download/v0.28.1/exiv2-0.28.1-Source.tar.gz (yet).

comment:2 by Xi Ruoyao, 2 years ago

https://github.com/Exiv2/exiv2/archive/v0.28.1/exiv2-0.28.1.tar.gz works.

comment:3 by Xi Ruoyao, 2 years ago

There is a test suite in 0.28.1:

$ make test
Running tests...
Test project /home/xry111/sources/12.1/exiv2-0.28.1/b
    Start 1: bugfixTests
1/5 Test #1: bugfixTests ......................   Passed    5.24 sec
    Start 2: lensTests
2/5 Test #2: lensTests ........................   Passed    0.13 sec
    Start 3: tiffTests
3/5 Test #3: tiffTests ........................   Passed    0.09 sec
    Start 4: versionTests
4/5 Test #4: versionTests .....................   Passed    0.08 sec
    Start 5: regressionTests
5/5 Test #5: regressionTests ..................   Passed    2.25 sec

100% tests passed, 0 tests failed out of 5

Total Test time (real) =   7.78 sec

follow-up: 7 comment:4 by Xi Ruoyao, 2 years ago

There is a meson-based building system now, but the upstream says:

It is currently incomplete. Tests are not implemented yet. The library and executable are.

So switching to meson now seems premature. But maybe it's enough to demote cmake to recommended instead of required.

comment:5 by Xi Ruoyao, 2 years ago

Priority:	normal → elevated

Release Notes: https://github.com/Exiv2/exiv2/issues/2813

This release also fixes [CVE-2023-44398](https://github.com/Exiv2/exiv2/security/advisories/GHSA-hrw9-ggg3-3r4r), an out-of-bounds write in BmffImage::brotliUncompress. The vulnerability is in new code that was added in version 0.28.0, so earlier versions of Exiv2 are not affected.

comment:6 by Douglas R. Reno, 2 years ago

Owner:	changed from blfs-book to Douglas R. Reno
Status:	new → assigned

in reply to: 4 comment:7 by Bruce Dubbs, 2 years ago

Replying to Xi Ruoyao:

There is a meson-based building system now, but the upstream says:

It is currently incomplete. Tests are not implemented yet. The library and executable are.

So switching to meson now seems premature. But maybe it's enough to demote cmake to recommended instead of required.

Let's leave cmake as required for now. We can update that when the meson build is complete. I really don't see changing to meson when it is complete unless upstream stops supporting cmake.

comment:8 by Douglas R. Reno, 2 years ago

Resolution:	→ fixed
Status:	assigned → closed

Fixed at 4b67e8bf43afdaa2d979555e25d70bf1fd876187

SA-12.0-038 issued

Note: See TracTickets for help on using tickets.

Download in other formats: