[Git][security-tracker-team/security-tracker][master] exiv2 bug

Moritz Muehlenhoff jmm at debian.org
Mon Apr 30 23:59:26 BST 2018


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
be72b1a8 by Moritz Muehlenhoff at 2018-05-01T00:58:57+02:00
exiv2 bug

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -29346,7 +29346,7 @@ CVE-2017-1000190 (SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulne
 CVE-2017-1000163 (The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through ...)
 	NOT-FOR-US: Phoenix Framework
 CVE-2017-1000128 (Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser ...)
-	- exiv2 <unfixed>
+	- exiv2 <unfixed> (bug #897260)
 	[stretch] - exiv2 <ignored> (Minor issue)
 	[jessie] - exiv2 <ignored> (Minor issue)
 	[wheezy] - exiv2 <not-affected> (Cannot reproduce with crash file)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/be72b1a8060e4c87ac188e120c9dd5717344ccf3

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/be72b1a8060e4c87ac188e120c9dd5717344ccf3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180430/ef2d9f96/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list