[Git][security-tracker-team/security-tracker][master] Mark CVE-2018-11037 as postponed in jessie

[Emilio Pozuelo Monfort]

Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker


Commits:
49db9ffc by Emilio Pozuelo Monfort at 2018-06-29T12:52:13+02:00
Mark CVE-2018-11037 as postponed in jessie

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -5065,6 +5065,7 @@ CVE-2018-11038
 	RESERVED
 CVE-2018-11037 (In Exiv2 0.26, the Exiv2::PngImage::printStructure function in ...)
 	- exiv2 <unfixed>
+	[jessie] - exiv2 <postponed> (Minor issue, wait for more issues)
 	NOTE: https://github.com/Exiv2/exiv2/issues/307
 CVE-2018-11036 (Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, ...)
 	NOT-FOR-US: Ruckus devices


=====================================
data/dla-needed.txt
=====================================
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -30,9 +30,6 @@ enigmail
 --
 evolution
 --
-exiv2
-  NOTE: 20180628: The only outstanding vulnerability, CVE-2018-11037, is slated to be fixed in the next upstream release, 0.27.
---
 firefox-esr (Emilio Pozuelo)
   NOTE: 20180525: We will need an update to Firefox ESR 60 in jessie once 52 goes EOL.
   NOTE: 20180525: This needs some backports (llvm, rustc, cargo) which need some work.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/49db9ffce205a62c1f1606581741ef6fb7c6411d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/49db9ffce205a62c1f1606581741ef6fb7c6411d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180629/b1545378/attachment-0001.html>