<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">

<title>

GitLab

</title>

<style>img {

max-width: 100%; height: auto;

}

</style>

</head>

<body>

<div class="content">

<h3>

Salvatore Bonaccorso pushed to branch master

at <a href="https://salsa.debian.org/security-tracker-team/security-tracker">Debian Security Tracker / security-tracker</a>

</h3>

<h4>

Commits:

</h4>

<ul>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/baf5bfa1c7ee3e59691e8e339b1f8f480c8f72c7">baf5bfa1</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2020-01-31T13:55:29+01:00</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Four more CVEs for exiv2 were affecting only experimental

More importantly those were then later on fixed in an upstream version

which then moved fixed directly to unstable without making unstable

vulnerable.

Note this appears not to be the case for every of the issues we ever

marked only affected in experimental, so some further extra care and

possibly the marking needs to be updated.

</pre>

</li>

</ul>

<h4>1 changed file:</h4>

<ul>

<li class="file-stats">

<a href="#4716ef5aa8f2742228ba3b3633215c8b808565e3">

data/CVE/list

</a>

</li>

</ul>

<h4>Changes:</h4>

<li id="4716ef5aa8f2742228ba3b3633215c8b808565e3">

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/baf5bfa1c7ee3e59691e8e339b1f8f480c8f72c7#4716ef5aa8f2742228ba3b3633215c8b808565e3"><strong>data/CVE/list</strong></a>

<hr>

No preview for this file type

<br>

</li>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #777;">

—

<br>

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/baf5bfa1c7ee3e59691e8e339b1f8f480c8f72c7">View it on GitLab</a>.

<br>

You're receiving this email because of your account on salsa.debian.org.

If you'd like to receive fewer emails, you can

adjust your notification settings.

<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Commit","url":"https://salsa.debian.org/security-tracker-team/security-tracker/commit/baf5bfa1c7ee3e59691e8e339b1f8f480c8f72c7"}}</script>

</p>

</div>

</body>

</html>