[Git][security-tracker-team/security-tracker][master] Update information on CVE-2018-10780/exiv2

Salvatore Bonaccorso carnil at debian.org
Sun Oct 14 18:19:00 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6993ba17 by Salvatore Bonaccorso at 2018-10-14T17:17:54Z
Update information on CVE-2018-10780/exiv2

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19116,12 +19116,14 @@ CVE-2018-10782
 CVE-2018-10781
 	RESERVED
 CVE-2018-10780 (Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based ...)
-	- exiv2 <undetermined>
-	[jessie] - exiv2 <not-affected> (Vulnerable code not present; image format not supported)
+	[experimental] - exiv2 <unfixed>
+	- exiv2 <not-affected> (Vulnerable code introduced later)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1575201
-	NOTE: Fixed by upstream commit https://github.com/Exiv2/exiv2/commit/74cb5bab132ed76adf15df172c5e8b58cddaa96c
-	NOTE: The upstream commit was identified by starting at tag v0.26 and bisecting
-	TODO: check, there is same function in byteSwap2 in earlier versions than 0.26
+	NOTE: Commit https://github.com/Exiv2/exiv2/commit/74cb5bab132ed76adf15df172c5e8b58cddaa96c
+	NOTE: adresses an overflow, but not solving the invalid write of size 1 via
+	NOTE: Exiv2::Image::printIFDStructure.
+	NOTE: Commit https://github.com/Exiv2/exiv2/commit/8ff26931e31bb25d66c69846f47f3f5b6d9a32f1
+	NOTE: avoids using Image::printStructure() when reading images.
 CVE-2018-10779 (TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based ...)
 	- tiff 4.0.6-3 (bug #898359)
 	[jessie] - tiff 4.0.3-12.3+deb8u2



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6993ba175e156cb706b8c9e20fd434d2517e6ea7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6993ba175e156cb706b8c9e20fd434d2517e6ea7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181014/985e1bb2/attachment.html>

More information about the debian-security-tracker-commits mailing list