[Git][security-tracker-team/security-tracker][master] exiv triage
Moritz Muehlenhoff
jmm at debian.org
Mon Feb 25 23:27:13 GMT 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d78ab1d1 by Moritz Muehlenhoff at 2019-02-25T23:26:51Z
exiv triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -16893,6 +16893,7 @@ CVE-2018-20097 (There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimar
- exiv2 <unfixed> (low)
[stretch] - exiv2 <no-dsa> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/issues/590
+ NOTE: https://github.com/Exiv2/exiv2/commit/203ab0db28c9666b16069d4056ac5f66f753a51d
CVE-2018-20096 (There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf ...)
[experimental] - exiv2 <unfixed> (low)
- exiv2 <not-affected> (Vulnerable code introduced later)
@@ -24197,12 +24198,16 @@ CVE-2018-19108 (In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in
[jessie] - exiv2 <ignored> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/issues/426
NOTE: https://github.com/Exiv2/exiv2/pull/518
+ NOTE: https://github.com/Exiv2/exiv2/commit/68966932510213b5656fcf433ab6d7e26f48e23b
+ NOTE: https://github.com/Exiv2/exiv2/commit/b7c71f3ad0386cd7af3b73443c0615ada073f0d5
CVE-2018-19107 (In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from ...)
- exiv2 <unfixed> (bug #913273)
[stretch] - exiv2 <no-dsa> (Minor issue)
[jessie] - exiv2 <ignored> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/issues/427
NOTE: https://github.com/Exiv2/exiv2/pull/518
+ NOTE: https://github.com/Exiv2/exiv2/commit/68966932510213b5656fcf433ab6d7e26f48e23b
+ NOTE: https://github.com/Exiv2/exiv2/commit/b7c71f3ad0386cd7af3b73443c0615ada073f0d5
CVE-2018-19106 (Avi Vantage before 17.2.13 uses an invalid URL encoding during a ...)
NOT-FOR-US: Avi Vantage
CVE-2018-19105 (LibreCAD 2.1.3 allows remote attackers to cause a denial of service ...)
@@ -45352,9 +45357,7 @@ CVE-2017-18268 (Symantec IntelligenceCenter 3.3 is vulnerable to the Return of t
CVE-2018-11038
RESERVED
CVE-2018-11037 (In Exiv2 0.26, the Exiv2::PngImage::printStructure function in ...)
- - exiv2 <unfixed>
- [stretch] - exiv2 <postponed> (Revisit when fixed upstream)
- [jessie] - exiv2 <postponed> (Minor issue, wait for more issues)
+ - exiv2 <undetermined>
NOTE: https://github.com/Exiv2/exiv2/issues/307
CVE-2018-11036 (Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, ...)
NOT-FOR-US: Ruckus devices
@@ -50369,6 +50372,7 @@ CVE-2018-9145 (In the DataBuf class in include/exiv2/types.hpp in Exiv2 0.26, an
NOTE: Issue introduced after https://github.com/Exiv2/exiv2/commit/163f3ce7f17a143f58d857a5cba3cb7b24436a2a
CVE-2018-9144 (In Exiv2 0.26, there is an out-of-bounds read in ...)
- exiv2 <unfixed> (low)
+ [buster] - exiv2 <ignored> (Minor issue)
[stretch] - exiv2 <ignored> (Minor issue)
[jessie] - exiv2 <ignored> (Minor issue)
[wheezy] - exiv2 <not-affected> (Vulnerable code not present)
@@ -50786,10 +50790,12 @@ CVE-2018-8977 (In Exiv2 0.26, the Exiv2::Internal::printCsLensFFFF function in .
NOTE: https://github.com/Exiv2/exiv2/issues/247
CVE-2018-8976 (In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial ...)
- exiv2 <unfixed> (low; bug #903813)
+ [buster] - exiv2 <ignored> (Minor issue)
[stretch] - exiv2 <ignored> (Minor issue)
[jessie] - exiv2 <ignored> (Minor issue)
[wheezy] - exiv2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/Exiv2/exiv2/issues/246
+ NOTE: https://github.com/Exiv2/exiv2/pull/256
CVE-2018-8975 (The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm through ...)
- netpbm-free <not-affected> (Vulnerable code not present)
NOTE: Debian uses an unaffected fork
@@ -65794,6 +65800,7 @@ CVE-2017-18006 (netpub/server.np in Extensis Portfolio NetPublish has XSS in the
NOT-FOR-US: Extensis Portfolio NetPublish
CVE-2017-18005 (Exiv2 0.26 has a Null Pointer Dereference in the ...)
- exiv2 <unfixed> (low; bug #885981)
+ [buster] - exiv2 <ignored> (Minor issue)
[stretch] - exiv2 <ignored> (Minor issue)
[jessie] - exiv2 <ignored> (Minor issue)
[wheezy] - exiv2 <no-dsa> (Minor issue)
@@ -67288,10 +67295,8 @@ CVE-2017-17727 (DedeCMS through 5.6 allows arbitrary file upload and PHP code ex
CVE-2017-17726
RESERVED
CVE-2017-17725 (In Exiv2 0.26, there is an integer overflow leading to a heap-based ...)
- - exiv2 <unfixed> (low)
- [stretch] - exiv2 <ignored> (Minor issue)
- [jessie] - exiv2 <ignored> (Minor issue)
- [wheezy] - exiv2 <ignored> (Minor issue)
+ [experimental] - exiv2 <unfixed>
+ - exiv2 <not-affected> (Introduced in 0.26)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1525055
NOTE: https://github.com/Exiv2/exiv2/issues/188
NOTE: https://github.com/Exiv2/exiv2/pull/193
@@ -67302,12 +67307,11 @@ CVE-2017-17724 (In Exiv2 0.26, there is a heap-based buffer over-read in the ...
NOTE: https://github.com/Exiv2/exiv2/issues/210
NOTE: https://github.com/Exiv2/exiv2/commit/962962a8e9885ccbca28f624492f1427152a0695
CVE-2017-17723 (In Exiv2 0.26, there is a heap-based buffer over-read in the ...)
- - exiv2 <unfixed> (low)
- [stretch] - exiv2 <ignored> (Minor issue)
- [jessie] - exiv2 <ignored> (Minor issue)
- [wheezy] - exiv2 <ignored> (Minor issue)
+ [experimental] - exiv2 <unfixed>
+ - exiv2 <not-affected> (Introduced in 0.26)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1524104
NOTE: https://github.com/Exiv2/exiv2/issues/229
+ NOTE: https://github.com/Exiv2/exiv2/commit/36df4bc997d74ecc447e4541e2fc3fda10586103
CVE-2017-17722 (In Exiv2 0.26, there is a reachable assertion in the readHeader ...)
[experimental] - exiv2 <unfixed> (low; bug #891044)
- exiv2 <not-affected> (Vulnerable code introduced in 0.26)
@@ -77773,10 +77777,8 @@ CVE-2017-1000190 (SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulne
CVE-2017-1000163 (The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through ...)
NOT-FOR-US: Phoenix Framework
CVE-2017-1000128 (Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser ...)
- - exiv2 <unfixed> (bug #897260)
- [stretch] - exiv2 <ignored> (Minor issue)
- [jessie] - exiv2 <ignored> (Minor issue)
- [wheezy] - exiv2 <not-affected> (Cannot reproduce with crash file)
+ [experimental] - exiv2 <unfixed>
+ - exiv2 <not-affected> (Vulnerable code introduced in 0.26)
NOTE: http://www.openwall.com/lists/oss-security/2017/06/30/1
NOTE: https://github.com/Exiv2/exiv2/issues/177
CVE-2017-1000127 (Exiv2 0.26 contains a heap buffer overflow in tiff parser ...)
@@ -93755,13 +93757,12 @@ CVE-2017-11684 (There is an illegal address access in the build_table function i
NOTE: Fixed by https://github.com/libav/libav/commit/ec683ed527cef9aad208d1daeb10d0e7fb63e75e.patch
CVE-2017-11683 (There is a reachable assertion in the ...)
{DLA-1147-1}
- - exiv2 <unfixed> (low)
- [stretch] - exiv2 <ignored> (Minor issue)
- [jessie] - exiv2 <ignored> (Minor issue)
+ - exiv2 <unfixed> (unimportant)
NOTE: http://dev.exiv2.org/issues/1307
NOTE: https://github.com/Exiv2/exiv2/issues/57
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1475124
NOTE: Problematic assert() exists in all versions in Debian.
+ NOTE: Negligable security impact
CVE-2017-11682 (Stored Cross-site scripting vulnerability in Hashtopussy 0.4.0 allows ...)
NOT-FOR-US: Hashtopussy
CVE-2017-11681 (Incorrect Access Control vulnerability in Hashtopussy 0.4.0 allows ...)
@@ -94121,6 +94122,7 @@ CVE-2017-11592 (There is a Mismatched Memory Management Routines vulnerability i
CVE-2017-11591 (There is a Floating point exception in the Exiv2::ValueType function in ...)
{DLA-1147-1}
- exiv2 <unfixed> (low; bug #876893)
+ [buster] - exiv2 <ignored> (Minor issue)
[stretch] - exiv2 <ignored> (Minor issue)
[jessie] - exiv2 <ignored> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/issues/55
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d78ab1d1987851ae7e1c1208014b83b3ba71b748
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d78ab1d1987851ae7e1c1208014b83b3ba71b748
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190225/86431c13/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list