diff -up Image-ExifTool-12.16/lib/Image/ExifTool/DjVu.pm.CVE-2021-22204 Image-ExifTool-12.16/lib/Image/ExifTool/DjVu.pm
--- Image-ExifTool-12.16/lib/Image/ExifTool/DjVu.pm.CVE-2021-22204 2021-04-26 11:06:57.868813858 -0400
+++ Image-ExifTool-12.16/lib/Image/ExifTool/DjVu.pm 2021-04-26 11:07:46.734614214 -0400
@@ -18,7 +18,7 @@ use strict;
 use vars qw($VERSION);
 use Image::ExifTool qw(:DataAccess :Utils);
-$VERSION = '1.06';
+$VERSION = '1.07';
 sub ParseAnt($);
 sub ProcessAnt($$$);
@@ -227,10 +227,11 @@ Tok: for (;;) {
 last unless $tok =~ /(\\+)$/ and length($1) & 0x01;
 $tok .= '"'; # quote is part of the string
 }
- # must protect unescaped "$" and "@" symbols, and "\" at end of string
- $tok =~ s{\\(.)|([\$\@]|\\$)}{'\\'.($2 || $1)}sge;
- # convert C escape sequences (allowed in quoted text)
- $tok = eval qq{"$tok"};
+ # convert C escape sequences, allowed in quoted text
+ # (note: this only converts a few of them!)
+ my %esc = ( a => "\a", b => "\b", f => "\f", n => "\n",
+ r => "\r", t => "\t", '"' => '"', '\\' => '\\' );
+ $tok =~ s/\\(.)/$esc{$1}||'\\'.$1/egs;
 } else { # key name
 pos($$dataPt) = pos($$dataPt) - 1;
 # allow anything in key but whitespace, braces and double quotes
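Review bot: The comment above the new `%esc` table in the second hunk lists what is converted but not why `eval qq{"$tok"}` was dropped, which is what a later maintainer needs so the eval is not reintroduced to regain octal or hex escapes. I would put `# never eval $tok: it appears to be text taken from the data being parsed (CVE-2021-22204)` ahead of the table, and extend the existing note to say that any escape not in the table keeps its backslash. `%esc` is also rebuilt for every quoted token inside the `Tok:` loop; declaring it once outside the loop would avoid that and make the fixed set of escapes easier to find. The `Tok:` loop and its enclosing sub start and end outside this hunk, so the closing-quote check on the first context line is not covered by this note.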