Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 791397 - <media-libs/exiftool-12.26: Vulnerability in lang option
Summary: <media-libs/exiftool-12.26: Vulnerability in lang option
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
Whiteboard: ?? [glsa?]
Depends on:
Blocks: CVE-2021-22204
  Show dependency tree
Reported: 2021-05-22 05:02 UTC by Sam James
Modified: 2021-10-31 20:10 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-05-22 05:02:00 UTC
"May 20, 2021 - Version 12.26 (production release)
Added support for JPEG Stereo (JPS) images
Added a new Sony LensType (thanks LibRaw)
Added a new PentaxModelID (thanks LibRaw)
Changed ExifTool namespace URI to use instead of in the -X option output ( is still recognized when reading XML)
Improved handling of large-array warnings in -htmldump output
Changed handling of escaped characters in #[CSTR] lines of -@ argfile
Patched security vulnerability in argument of -lang option
Fixed problem which could cause a "Wide character" warning and generate a corrupted output file when writing some illegal values"
Comment 2 Agostino Sarubbo gentoo-dev 2021-05-27 06:56:01 UTC
amd64 stable
Comment 3 Agostino Sarubbo gentoo-dev 2021-05-27 06:57:43 UTC
x86 stable
Comment 4 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-05-27 19:10:47 UTC
arm64 done
Comment 5 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-05-27 19:20:22 UTC
ppc64 done
Comment 6 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-05-27 19:22:32 UTC
ppc done

all arches done
Comment 7 Larry the Git Cow gentoo-dev 2021-05-30 21:01:15 UTC
The bug has been referenced in the following commit(s):

commit 5b20f7125508f3a30f11bbb08f89ee86ad68d28e
Author:     Andreas K. Hüttel <>
AuthorDate: 2021-05-30 20:34:41 +0000
Commit:     Andreas K. Hüttel <>
CommitDate: 2021-05-30 21:00:51 +0000

    media-libs/exiftool: Remove old
    Package-Manager: Portage-3.0.18, Repoman-3.0.2
    Signed-off-by: Andreas K. Hüttel <>

 media-libs/exiftool/Manifest                       |  1 -
 media-libs/exiftool/exiftool-12.16-r1.ebuild       | 27 -------------------
 .../files/exiftool-12.16-CVE-2021-22204.patch      | 30 ----------------------
 3 files changed, 58 deletions(-)
Comment 8 NATTkA bot gentoo-dev 2021-10-23 15:40:48 UTC
Unable to check for sanity:

> no match for package: media-libs/exiftool-12.26
Comment 9 Andreas K. Hüttel archtester gentoo-dev 2021-10-31 20:10:43 UTC
cleanup done