[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Track issue for CVE-2018-8977 (although only affects experimental)
Salvatore Bonaccorso
carnil at debian.org
Tue Mar 27 05:18:31 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5aef18eb by Salvatore Bonaccorso at 2018-03-27T07:17:37+02:00
Track issue for CVE-2018-8977 (although only affects experimental)
Purpose is that we do not let exiv2 0.26 without fixes go to unstable
and thus possibly next stable release.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -91,7 +91,7 @@ CVE-2018-8979 (Open-AudIT Professional 2.1 has CSRF, as demonstrated by modifyin
CVE-2018-8978 (Open-AudIT Professional 2.1 has XSS via a crafted src attribute of an ...)
NOT-FOR-US: Open-AudIT Professional
CVE-2018-8977 (In Exiv2 0.26, the Exiv2::Internal::printCsLensFFFF function in ...)
- [experimental] - exiv2 <unfixed>
+ [experimental] - exiv2 <unfixed> (bug #894179)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
NOTE: https://github.com/Exiv2/exiv2/issues/247
CVE-2018-8976 (In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5aef18eb188ef8b1133feeca650d4a522457a948
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5aef18eb188ef8b1133feeca650d4a522457a948
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180327/da709471/attachment.html>
More information about the Secure-testing-commits
mailing list