[Git][security-tracker-team/security-tracker][master] Four more CVEs for exiv2 were affecting only experimental

Salvatore Bonaccorso carnil at debian.org
Fri Jan 31 12:57:32 GMT 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
baf5bfa1 by Salvatore Bonaccorso at 2020-01-31T13:55:29+01:00
Four more CVEs for exiv2 were affecting only experimental

More importantly, those were then later on fixed in an upstream version,
which then moved fixed directly to unstable without making unstable
vulnerable.

Note this appears not to be the case for every one of the issues we ever
marked as only affecting experimental, so some further extra care and
possibly the marking needs to be updated.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -99549,8 +99549,7 @@ CVE-2018-10782
 CVE-2018-10781
 	RESERVED
 CVE-2018-10780 (Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based bu ...)
-	[experimental] - exiv2 <unfixed>
-	- exiv2 <not-affected> (Vulnerable code introduced later)
+	- exiv2 <not-affected> (Vulnerable code introduced later; only affected experimental)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1575201
 	NOTE: Commit https://github.com/Exiv2/exiv2/commit/74cb5bab132ed76adf15df172c5e8b58cddaa96c
 	NOTE: adresses an overflow, but not solving the invalid write of size 1 via
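Review bot: Dropping the `[experimental] - exiv2 <unfixed>` line leaves the `<not-affected>` entry as the only record for CVE-2018-10780, and its parenthetical ("Vulnerable code introduced later; only affected experimental") does not say which upstream version fixed it; since the commit message itself says the "only experimental" marking needs extra care, consider adding a NOTE with the fixed upstream version so the claim stays verifiable. Separately, the unchanged NOTE context line still reads "adresses" (should be "addresses"); a follow-up could fix that spelling.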
@@ -103179,14 +103178,13 @@ CVE-2018-9307 (dsmall v20180320 allows XSS via the pdr_sn parameter to public/in
 CVE-2018-9306
 	REJECTED
 CVE-2018-9305 (In Exiv2 0.26, an out-of-bounds read in IptcData::printStructure in ip ...)
-	[experimental] - exiv2 <unfixed>
-	- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
+	- exiv2 <not-affected> (Vulnerable code introduced after 0.25; only affected experimental)
 	NOTE: https://github.com/Exiv2/exiv2/issues/263
 CVE-2018-9304 (In Exiv2 0.26, a divide by zero in BigTiffImage::printIFD in bigtiffim ...)
-	- exiv2 <not-affected> (Vulnerable code introduced after 0.26)
+	- exiv2 <not-affected> (Vulnerable code introduced after 0.26; only affected experimental)
 	NOTE: https://github.com/Exiv2/exiv2/issues/262
 CVE-2018-9303 (In Exiv2 0.26, an assertion failure in BigTiffImage::readData in bigti ...)
-	- exiv2 <not-affected> (Vulnerable code introduced after 0.26)
+	- exiv2 <not-affected> (Vulnerable code introduced after 0.26; only affected experimental)
 	NOTE: https://github.com/Exiv2/exiv2/issues/262
 CVE-2018-9302 (SSRF (Server Side Request Forgery) in /assets/lib/fuc.js.php in Cockpi ...)
 	NOT-FOR-US: Cockpit CMS (different from src:cockpit)
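Review bot: For CVE-2018-9304 and CVE-2018-9303 this hunk appends "only affected experimental" to entries that never carried an `[experimental] - exiv2 <unfixed>` line, unlike CVE-2018-9305 just above, so nothing in the diff itself backs that statement for those two; a NOTE naming the experimental version range (or the upstream fix version) would document the basis for the marking, in line with the caveat in the commit message.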



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/baf5bfa1c7ee3e59691e8e339b1f8f480c8f72c7
