From 6c6bd032cd07ce098344d1cc7aa7aa51cb7a9a0e Mon Sep 17 00:00:00 2001 From: Kevin Backhouse Date: Thu, 4 Jul 2024 21:51:58 +0100 Subject: [PATCH] Exiv2 v0.28.3 --- CMakeLists.txt | 2 +- SECURITY.md | 1 + doc/ChangeLog | 14 ++++++++++++++ meson.build | 2 +- po/exiv2.pot | 2 +- 5 files changed, 18 insertions(+), 3 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index fec1b58864..cda5fd9bda 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -2,7 +2,7 @@ cmake_minimum_required( VERSION 3.11.0 ) project(exiv2 - VERSION 0.28.2 + VERSION 0.28.3 DESCRIPTION "Exif/IPTC/Xmp C++ metadata library and tools plus ICC Profiles, Previews and more." LANGUAGES C CXX ) diff --git a/SECURITY.md b/SECURITY.md index 84afe6ff21..8d5be34af0 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -7,6 +7,7 @@ | v0.28 | 2023-05-08 | v0.28.0 | 0.28.x | v0.28.0 | 2023-05-08 | v0.28.0 | | | | | | v0.28.1 | 2023-11-06 | v0.28.1 | | | | | | v0.28.2 | 2024-02-13 | v0.28.2 | +| | | | | v0.28.3 | 2024-07-11 | v0.28.3 | | v0.27 | 2018-12-20 | 0.27 | 0.27-maintenance | v0.27.0 | 2018-12-20 | v0.27.0 | | | | | | v0.27.1 | 2019-04-18 | v0.27.1 | | | | | | v0.27.2 | 2019-07-29 | v0.27.2 | diff --git a/doc/ChangeLog b/doc/ChangeLog index 12305930ea..c60fcec045 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,17 @@ +Changes from version 0.28.2 to 0.28.3 +------------------------------------- + +Release Notes: + +* https://github.com/Exiv2/exiv2/issues/3008 +* https://github.com/Exiv2/exiv2/milestone/14?closed=1 + +This release also fixes a low-severity security issue in asfvideo.cpp: + +* [CVE-2024-XXX](https://github.com/Exiv2/exiv2/security/advisories/GHSA-38rv-8x93-pvrh): out-of-bounds read in AsfVideo::streamProperties. + +This vulnerability is in a new feature (ASF video) that was added in version 0.28.0, so earlier versions of Exiv2 are not affected. + Changes from version 0.28.1 to 0.28.2 ------------------------------------- diff --git a/meson.build b/meson.build index 66ff8f519b..45b2e06cb8 100644 --- a/meson.build +++ b/meson.build @@ -1,7 +1,7 @@ project( 'exiv2', 'cpp', - version: '0.28.2', + version: '0.28.3', meson_version: '>=0.54.1', default_options: ['warning_level=0', 'cpp_std=c++17'], ) diff --git a/po/exiv2.pot b/po/exiv2.pot index 4f688c630f..6702033af2 100644 --- a/po/exiv2.pot +++ b/po/exiv2.pot @@ -6,7 +6,7 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: exiv2 0.28.2\n" +"Project-Id-Version: exiv2 0.28.3\n" "Report-Msgid-Bugs-To: https://github.com/Exiv2/exiv2/issues\n" "POT-Creation-Date: 2024-04-03 16:17+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"