[Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2018-17581 will be fixed in Jessie
Thorsten Alteholz
alteholz at debian.org
Tue Feb 26 19:15:26 GMT 2019
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
780eba61 by Thorsten Alteholz at 2019-02-26T19:16:07Z
CVE-2018-17581 will be fixed in Jessie
- - - - -
cd382e17 by Thorsten Alteholz at 2019-02-26T19:16:08Z
CVE-2018-19107 will be fixed in Jessie
- - - - -
36a13878 by Thorsten Alteholz at 2019-02-26T19:16:09Z
CVE-2018-19108 will be fixed in Jessie
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -24306,7 +24306,6 @@ CVE-2018-19109 (tianti 2.3 allows remote authenticated users to bypass intended
CVE-2018-19108 (In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD ...)
- exiv2 <unfixed> (bug #913272)
[stretch] - exiv2 <no-dsa> (Minor issue)
- [jessie] - exiv2 <ignored> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/issues/426
NOTE: https://github.com/Exiv2/exiv2/pull/518
NOTE: https://github.com/Exiv2/exiv2/commit/68966932510213b5656fcf433ab6d7e26f48e23b
@@ -24314,7 +24313,6 @@ CVE-2018-19108 (In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in
CVE-2018-19107 (In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from ...)
- exiv2 <unfixed> (bug #913273)
[stretch] - exiv2 <no-dsa> (Minor issue)
- [jessie] - exiv2 <ignored> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/issues/427
NOTE: https://github.com/Exiv2/exiv2/pull/518
NOTE: https://github.com/Exiv2/exiv2/commit/68966932510213b5656fcf433ab6d7e26f48e23b
@@ -28270,7 +28268,6 @@ CVE-2018-17582 (Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. T
CVE-2018-17581 (CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has ...)
- exiv2 <unfixed> (low; bug #910060)
[stretch] - exiv2 <no-dsa> (Minor issue)
- [jessie] - exiv2 <no-dsa> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/issues/460
NOTE: Fixed in: https://github.com/Exiv2/exiv2/commit/b3d077dcaefb6747fff8204490f33eba5a144edb
CVE-2018-17580 (A heap-based buffer over-read exists in the function fast_edit_packet() ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/fb2a8c163b79aec9aefb54191ae5d868eb97ee6e...36a13878a69bcf4812f3551e17f651e7430d91f0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/fb2a8c163b79aec9aefb54191ae5d868eb97ee6e...36a13878a69bcf4812f3551e17f651e7430d91f0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190226/b6eb3e64/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list