[Secure-testing-commits] r56962 - data/CVE

Raphaël Hertzog hertzog at moszumanska.debian.org
Wed Oct 25 09:25:40 UTC 2017 

Author: hertzog
Date: 2017-10-25 09:25:40 +0000 (Wed, 25 Oct 2017)
New Revision: 56962

Modified:
   data/CVE/list
Log:
Add reproducibility results and upstream reports for all exiv2 CVE

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-25 09:20:25 UTC (rev 56961)
+++ data/CVE/list	2017-10-25 09:25:40 UTC (rev 56962)
@@ -2577,48 +2577,73 @@
 	- restlet <itp> (bug #596472)
 CVE-2017-14866 (There is a heap-based buffer overflow in the Exiv2::s2Data function of ...)
 	- exiv2 <unfixed>
+	NOTE: https://github.com/Exiv2/exiv2/issues/140
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1494781
-	TODO: check, asked reporter to contact upstream
+	TODO: check
+	NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
+	NOTE: Reproducible in experimental(0.26-1) with valgrind (and "free(): corrupted unsorted chunks" without valgrind).
 CVE-2017-14865 (There is a heap-based buffer overflow in the Exiv2::us2Data function of ...)
 	- exiv2 <unfixed>
+	NOTE: https://github.com/Exiv2/exiv2/issues/134
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1494778
-	TODO: check, asked reporter to contact upstream
+	TODO: check
+	NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
+	NOTE: Reproducible in experimental(0.26-1) with valgrind (and "free(): corrupted unsorted chunks" without valgrind).
 CVE-2017-14864 (An Invalid memory address dereference was discovered in Exiv2::getULong ...)
 	- exiv2 <unfixed>
+	NOTE: https://github.com/Exiv2/exiv2/issues/73
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1494467
-	TODO: check, asked reporter to contact upstream
+	TODO: check
+	NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
+	NOTE: Reproducible in experimental(0.26-1) with valgrind (and segfault without valgrind).
 CVE-2017-14863 (A NULL pointer dereference was discovered in ...)
 	- exiv2 <unfixed>
+	NOTE: https://github.com/Exiv2/exiv2/issues/132
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1494443
-	TODO: check, asked reporter to contact upstream
+	TODO: check
+	NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
+	NOTE: Reproducible in experimental(0.26-1) with valgrind (and "free(): invalid next size (fast)" without valgrind).
 CVE-2017-14862 (An Invalid memory address dereference was discovered in ...)
 	- exiv2 <unfixed>
+	NOTE: https://github.com/Exiv2/exiv2/issues/75
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1494786
-	TODO: check, asked reporter to contact upstream
+	TODO: check
+	NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
+	NOTE: Reproducible in experimental(0.26-1) with valgrind (and segfault without valgrind).
 CVE-2017-14861 (There is a stack consumption vulnerability in the ...)
 	- exiv2 <unfixed>
+	NOTE: https://github.com/Exiv2/exiv2/issues/139
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1494787
-	TODO: check, asked reporter to contact upstream
+	TODO: check
+	NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
+	NOTE: Reproducible in experimental(0.26-1) with valgrind (and segfault without valgrind).
 CVE-2017-14860 (There is a heap-based buffer over-read in the ...)
 	- exiv2 <unfixed>
+	NOTE: https://github.com/Exiv2/exiv2/issues/71
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1494776
-	TODO: check, asked reporter to contact upstream
+	TODO: check
+	NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
+	NOTE: Reproducible in experimental(0.26-1) with valgrind (and segfault without valgrind).
 CVE-2017-14859 (An Invalid memory address dereference was discovered in ...)
 	- exiv2 <unfixed>
+	NOTE: https://github.com/Exiv2/exiv2/issues/74
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1494780
-	TODO: check, asked reporter to contact upstream
+	TODO: check
 	NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
 	NOTE: Reproducible in experimental(0.26-1).
 CVE-2017-14858 (There is a heap-based buffer overflow in the Exiv2::l2Data function of ...)
 	- exiv2 <unfixed>
+        NOTE: https://github.com/Exiv2/exiv2/issues/138
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1494782
-	TODO: check, asked reporter to contact upstream
+	TODO: check
 	NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
 	NOTE: Reproducible in experimental(0.26-1) with a different error (double free or corruption (out))
 CVE-2017-14857 (In Exiv2 0.26, there is an invalid free in the Image class in image.cpp ...)
 	- exiv2 <unfixed>
+	NOTE: https://github.com/Exiv2/exiv2/issues/76
+	NOTE: https://github.com/Exiv2/exiv2/issues/124
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1495043
-	TODO: check, asked reporter to contact upstream
+	TODO: check
 	NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1).
 	NOTE: Reproducible in experimental(0.26-1).
 CVE-2017-14856

More information about the Secure-testing-commits mailing list