[Pkg-phototools-devel] Bug#949587: RFS: libexif/0.6.21-6 -- library to parse EXIF files

Hugh McMaster hugh.mcmaster at outlook.com
Thu Jan 23 10:21:18 GMT 2020


Hi Boyuan,

On Thu, 23 Jan 2020 at 03:33, Boyuan Yang wrote:
> Hi,
>
> On Wed, 22 Jan 2020 23:29:48 +1100 Hugh McMaster wrote:
> > Package: sponsorship-requests
> > Severity: normal
> >
> > Dear mentors and Debian PhotoTools Team members,
> >
> > I am looking for a sponsor for a Team Upload of the package "libexif".
> >
> >  * Package name    : libexif
> >    Version         : 0.6.21-6
>
> >    * debian/patches: Add upstream patches by Marcus Meissner:
> >      - Avoid the use of unsafe integer overflow checking constructs
> >        (CVE-2019-9287) (Closes: #945948).
>
> It is CVE-2019-9278, not CVE-2019-9287. Please fix it.

Thank you for catching this.

I have fixed the typo in the source and re-uploaded the package to
Debian Mentors.

I once again seek a sponsor for libexif 0.6.21-6.

Kind regards,

Hugh



More information about the Pkg-phototools-devel mailing list