[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] exiv confirmed

Moritz Muehlenhoff jmm at debian.org
Tue Apr 3 21:44:10 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5e080e98 by Moritz Muehlenhoff at 2018-04-03T22:43:40+02:00
exiv confirmed
add freeplane to dsa-needed

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -15773,11 +15773,12 @@ CVE-2017-17724 (In Exiv2 0.26, there is a heap-based buffer over-read in the ...
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1524107
 	NOTE: https://github.com/Exiv2/exiv2/issues/210
 CVE-2017-17723 (In Exiv2 0.26, there is a heap-based buffer over-read in the ...)
-	- exiv2 <undetermined>
+	- exiv2 <unfixed> (low)
+	[stretch] - exiv2 <ignored> (Minor issue)
+	[jessie] - exiv2 <ignored> (Minor issue)
 	[wheezy] - exiv2 <ignored> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1524104
 	NOTE: https://github.com/Exiv2/exiv2/issues/229
-	TODO: check
 CVE-2017-17722 (In Exiv2 0.26, there is a reachable assertion in the readHeader ...)
 	[experimental] - exiv2 <unfixed> (low; bug #891044)
 	- exiv2 <not-affected> (Vulnerable code introduced in 0.26)


=====================================
data/dsa-needed.txt
=====================================
--- a/data/dsa-needed.txt
+++ b/data/dsa-needed.txt
@@ -26,6 +26,8 @@ ffmpeg/stable
 freeplane
   Felix Natter is preparing updates, asked in #893663 to send debdiffs for review
 --
+freeplane
+--
 gitlab
   Pirate Praveen will prepare updates
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5e080e98cd46916a5bd67816f74562a0665e666d

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5e080e98cd46916a5bd67816f74562a0665e666d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180403/a8a2f502/attachment.html>

More information about the debian-security-tracker-commits mailing list