<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">

<title>

GitLab

</title>

<style>img {

max-width: 100%; height: auto;

}

</style>

</head>

<body>

<div class="content">

<h3>

Salvatore Bonaccorso pushed to branch master

at <a href="https://salsa.debian.org/security-tracker-team/security-tracker">Debian Security Tracker / security-tracker</a>

</h3>

<h4>

Commits:

</h4>

<ul>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/46efe50f3387759ec0e2fe4d77d5782cd0bb46d9">46efe50f</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2020-02-02T21:04:40+01:00</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Update tracking for CVE-2018-11037/exiv2

It is unfortunately not fully clear if this issue only ever affected

experimental. But the printStructure part was dropped in 0.27 upstream.

To play on the safe side consider versions before 0.27 as affected

(better wrongly mark something as affected, than the other way around)

and mark the first version based on 0.27 upstream which entered unstable

as the fixed one.

Furthermore the issue is minor (information leak via crafted file) and

can be considered no-dsa.

</pre>

</li>

</ul>

<h4>1 changed file:</h4>

<ul>

<li class="file-stats">

<a href="#4716ef5aa8f2742228ba3b3633215c8b808565e3">

data/CVE/list

</a>

</li>

</ul>

<h4>Changes:</h4>

<li id="4716ef5aa8f2742228ba3b3633215c8b808565e3">

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/46efe50f3387759ec0e2fe4d77d5782cd0bb46d9#4716ef5aa8f2742228ba3b3633215c8b808565e3"><strong>data/CVE/list</strong></a>

<hr>

No preview for this file type

<br>

</li>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #777;">

—

<br>

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/46efe50f3387759ec0e2fe4d77d5782cd0bb46d9">View it on GitLab</a>.

<br>

You're receiving this email because of your account on salsa.debian.org.

If you'd like to receive fewer emails, you can

adjust your notification settings.

<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Commit","url":"https://salsa.debian.org/security-tracker-team/security-tracker/commit/46efe50f3387759ec0e2fe4d77d5782cd0bb46d9"}}</script>

</p>

</div>

</body>

</html>