pkg-perl-maintainers team mailing list archive

Thread
Date

Re: [Bug 1925985] Re: CVE-2021-22204

To: pkg-perl-maintainers@xxxxxxxxxxxxxxxxxxx
From: gregor herrmann <1925985@xxxxxxxxxxxxxxxxxx>
Date: Thu, 10 Jun 2021 17:38:30 -0000
Reply-to: Bug 1925985 <1925985@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

On Wed, 09 Jun 2021 19:37:15 -0000, Hugo Buddelmeijer wrote:

> Also, I've added my name to the changelog, even though @gregoa Gregor
> Herrmann did the actual work, which is credited in the changelog. I
> don't care about getting credit for this, so feel free to change the
> changelog.

FWIW, I'm perfectly fine with your changelog.

Great that you found our packaging repo on salsa and were able to
create a (hopefully) finished debdiff for Ubuntu.
 
> There are also several other Ubuntu versions listed as "Needs triage" on
> https://ubuntu.com/security/CVE-2021-22204 (21.04, 20.10, 18.04). I
> don't have those running, so I cannot comment on those.

In any case, the patch / upstream code change should apply for older
versions as well.


Cheers,
gregor

-- 
 .''`.  https://info.comodo.priv.at -- Debian Developer https://www.debian.org
 : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D  85FA BB3A 6801 8649 AA06
 `. `'  Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation Europe
   `-

-- 
You received this bug notification because you are a member of Debian
Perl Group, which is subscribed to libimage-exiftool-perl in Ubuntu.
https://bugs.launchpad.net/bugs/1925985

Title:
  CVE-2021-22204

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libimage-exiftool-perl/+bug/1925985/+subscriptions

References

[Bug 1925985] [NEW] CVE-2021-22204
From: William Bowling, 2021-04-24