[Secure-testing-commits] r53868 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Jul 24 19:49:02 UTC 2017
Author: carnil
Date: 2017-07-24 19:49:02 +0000 (Mon, 24 Jul 2017)
New Revision: 53868
Modified:
data/CVE/list
Log:
Add two more exiv2 issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-24 19:37:19 UTC (rev 53867)
+++ data/CVE/list 2017-07-24 19:49:02 UTC (rev 53868)
@@ -31,9 +31,11 @@
CVE-2017-11593 (Cross-site scripting (XSS) vulnerability in the Markdown Preview Plus ...)
TODO: check
CVE-2017-11592 (There is a Mismatched Memory Management Routines vulnerability in the ...)
- TODO: check
+ - exiv2 <unfixed>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1473889
CVE-2017-11591 (There is a Floating point exception in the Exiv2::ValueType function in ...)
- TODO: check
+ - exiv2 <unfixed>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1473888
CVE-2017-11590 (There is a NULL pointer dereference in the caseless_hash function in ...)
- libgxps <unfixed>
[stretch] - libgxps <not-affected> (Vulnerable function introduced later)
More information about the Secure-testing-commits
mailing list