[Git][security-tracker-team/security-tracker][master] 2 commits: Reference commit for CVE-2019-9278/libexif
Salvatore Bonaccorso
carnil at debian.org
Sat Jan 18 12:12:50 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bc94bb43 by Salvatore Bonaccorso at 2020-01-18T13:02:19+01:00
Reference commit for CVE-2019-9278/libexif
- - - - -
53cb5c19 by Salvatore Bonaccorso at 2020-01-18T13:12:29+01:00
Taking temporanely a look at libexif issue
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -47682,6 +47682,7 @@ CVE-2019-9278 (In libexif, there is a possible out of bounds write due to an int
- libexif <unfixed> (bug #945948)
NOTE: https://android.googlesource.com/platform/external/libexif/+/a5e8e5812a11ec9686294de8a5d68aaf2ab72475%5E%21/#F0
NOTE: https://github.com/libexif/libexif/issues/26
+ NOTE: https://github.com/libexif/libexif/commit/75aa73267fdb1e0ebfbc00369e7312bac43d0566
CVE-2019-9277 (In the proc filesystem, there is a possible information disclosure due ...)
NOT-FOR-US: Android
CVE-2019-9276 (In the Android kernel in the synaptics_dsx_htc touchscreen driver ther ...)
=====================================
data/dsa-needed.txt
=====================================
@@ -27,7 +27,7 @@ graphicsmagick
--
jruby/oldstable
--
-libexif
+libexif (carnil)
--
libopenmpt
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/6242c31e107fab5a200b97fb2312115ef1763ff6...53cb5c194b2fbf4d73d3a45f772a5fc1689b09e2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/6242c31e107fab5a200b97fb2312115ef1763ff6...53cb5c194b2fbf4d73d3a45f772a5fc1689b09e2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200118/931b3d3a/attachment.html>
More information about the debian-security-tracker-commits
mailing list