[Git][security-tracker-team/security-tracker][master] Update tracking for CVE-2018-19607/exiv2

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
43bb1665 by Salvatore Bonaccorso at 2020-01-30T12:52:52+01:00
Update tracking for CVE-2018-19607/exiv2

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -74626,8 +74626,7 @@ CVE-2019-0537 (An information disclosure vulnerability exists when Visual Studio
 CVE-2019-0536 (An information disclosure vulnerability exists when the Windows kernel ...)
 	NOT-FOR-US: Microsoft
 CVE-2018-19607 (Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote att ...)
-	[experimental] - exiv2 <unfixed> (bug #915134)
-	- exiv2 <not-affected> (Vulnerable code introduced later)
+	- exiv2 <not-affected> (Vulnerable code introduced later; only affected experimental; bug #915134)
 	NOTE: Introduced by: https://github.com/Exiv2/exiv2/commit/97e7905a8b90fcbd5e8c440ad7d55bf8ffe007e5
 	NOTE: Fixed by: https://github.com/Exiv2/exiv2/commit/6e42c1b55e0fc4f360cc56010b0ffe19aa6062d9
 CVE-2018-19606



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/43bb1665b192b890b0e7297a488762a3ceaf0fbd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/43bb1665b192b890b0e7297a488762a3ceaf0fbd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200130/c551760b/attachment.html>