[Secure-testing-commits] r54881 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2017-08-19 09:25:36 +0000 (Sat, 19 Aug 2017)
New Revision: 54881

Modified:
   data/CVE/list
Log:
Add CVE-2017-1295{5,6,7}/exiv2

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-19 09:25:26 UTC (rev 54880)
+++ data/CVE/list	2017-08-19 09:25:36 UTC (rev 54881)
@@ -22,11 +22,14 @@
 	- pspp <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482429
 CVE-2017-12957 (There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that ...)
-	TODO: check
+	- exiv2 <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482423
 CVE-2017-12956 (There is an illegal address access in Exiv2::FileIo::path[abi:cxx11]() ...)
-	TODO: check
+	- exiv2 <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482296
 CVE-2017-12955 (There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. The ...)
-	TODO: check
+	- exiv2 <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482295
 CVE-2017-12954
 	RESERVED
 CVE-2017-12953