[Git][security-tracker-team/security-tracker][master] one exiv2 issue ignored
Moritz Muehlenhoff
jmm at debian.org
Fri Feb 7 08:30:20 GMT 2020
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e883e581 by Moritz Muehlenhoff at 2020-02-07T09:29:53+01:00
one exiv2 issue ignored
track pillow commits instead of PRs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1734,7 +1734,9 @@ CVE-2019-20422 (In the Linux kernel before 5.3.4, fib6_rule_lookup in net/ipv6/i
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7b09c2d052db4b4ad0b27b97918b46a7746966fa
CVE-2019-20421 (In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input ...)
- - exiv2 0.27.2-8 (bug #950183)
+ - exiv2 0.27.2-8 (low; bug #950183)
+ [buster] - exiv2 <ignored> (Minor issue)
+ [stretch] - exiv2 <ignored> (Minor issue)
[jessie] - exiv2 <ignored> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/commit/a82098f4f90cd86297131b5663c3dec6a34470e8
NOTE: https://github.com/Exiv2/exiv2/issues/1011
@@ -27321,10 +27323,10 @@ CVE-2019-16865 (An issue was discovered in Pillow before 6.2.0. When reading spe
[stretch] - pillow <no-dsa> (Minor issue)
[jessie] - pillow <no-dsa> (Risk of regressions is too high)
- python-imaging <removed>
- NOTE: https://github.com/python-pillow/Pillow/pull/4101
- NOTE: https://github.com/python-pillow/Pillow/pull/4102
- NOTE: https://github.com/python-pillow/Pillow/pull/4103
- NOTE: https://github.com/python-pillow/Pillow/pull/4104
+ NOTE: https://github.com/python-pillow/Pillow/commit/b36c1bc943d554ba223086c7efb502d080f73905
+ NOTE: https://github.com/python-pillow/Pillow/commit/f228d0ccbf6bf9392d7fcd51356ef2cfda80c75a
+ NOTE: https://github.com/python-pillow/Pillow/commit/b9693a51c99c260bd66d1affeeab4a226cf7e5a5
+ NOTE: https://github.com/python-pillow/Pillow/commit/cc16025e234b7a7a4dd3a86d2fdc0980698db9cc
CVE-2019-16864
RESERVED
CVE-2019-16863 (STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow a ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e883e581ec7f8979fbcc906e578c2b74f3e469b3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e883e581ec7f8979fbcc906e578c2b74f3e469b3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200207/989be0e5/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list