[Secure-testing-commits] r53079 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jul 1 15:32:58 UTC 2017
Author: carnil
Date: 2017-07-01 15:32:58 +0000 (Sat, 01 Jul 2017)
New Revision: 53079
Modified:
data/CVE/list
Log:
Add some notes for CVE-2017-9953, can be rmeoved once final evaluated
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-01 14:34:11 UTC (rev 53078)
+++ data/CVE/list 2017-07-01 15:32:58 UTC (rev 53079)
@@ -379,7 +379,10 @@
CVE-2017-9953 (There is an invalid free in Image::printIFDStructure that leads to a ...)
- exiv2 <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1465061
- TODO: check
+ NOTE: Possibly introduced after https://github.com/Exiv2/exiv2/commit/fd5e983746c336336039e91cb6b656cf8eeccdea
+ NOTE: which introduces printIFDStructure function and later restructurated
+ NOTE: again. Around that commit upstream source though does not build.
+ TODO: check, seems to be introduced after upstream commit fd5e983746c336336039e91cb6b656cf8eeccdea
CVE-2017-9952
RESERVED
CVE-2017-9951
More information about the Secure-testing-commits
mailing list