mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-13 17:39:57 +00:00
Code Issues Projects Releases Wiki Activity

exiv2: Upgrade 0.28.2 to 0.28.3 for CVE fix

Browse Source 
Release Notes:

* https://github.com/Exiv2/exiv2/issues/3008
* https://github.com/Exiv2/exiv2/milestone/14?closed=1

This release also fixes a low-severity security issue in asfvideo.cpp:

* [CVE-2024-39695](https://github.com/Exiv2/exiv2/security/advisories/GHSA-38rv-8x93-pvrh): out-of-bounds read in AsfVideo::streamProperties.

This vulnerability is in a new feature (ASF video) that was added in version 0.28.0, so earlier versions of Exiv2 are not affected.

Signed-off-by: alperak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9f4361418d)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This commit is contained in:
alperak
2024-07-12 11:06:41 +03:00
committed by Armin Kuster
parent 496a24bf06
commit 6434e4328b
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-oe/recipes-support/exiv2/exiv2_0.28.2.bb → meta-oe/recipes-support/exiv2/exiv2_0.28.3.bb
+1 -1
View File
@@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=625f055f41728f84a8d7938acc35bdc2"
DEPENDS = "zlib expat brotli libinih"
SRC_URI = "git://github.com/Exiv2/exiv2.git;protocol=https;branch=0.28.x"
SRCREV = "04207b9c39bf7b3b1a7144f7ed4e4f16b4f29ef6"
SRCREV = "a6a79ef064f131ffd03c110acce2d3edb84ffa2e"
S = "${WORKDIR}/git"
inherit cmake gettext