[Git][security-tracker-team/security-tracker][master] drop a few no-dsa entries for exiv, which will be fixed along in DSA

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Aug 6 11:36:55 BST 2021 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
986f784a by Moritz Muehlenhoff at 2021-08-06T12:36:05+02:00
drop a few no-dsa entries for exiv, which will be fixed along in DSA

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19502,7 +19502,6 @@ CVE-2021-30002 (An issue was discovered in the Linux kernel before 5.11.3 when a
 CVE-2021-3482 (A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. ...)
 	- exiv2 <unfixed> (bug #986888)
 	[bullseye] - exiv2 <no-dsa> (Minor issue)
-	[buster] - exiv2 <no-dsa> (Minor issue)
 	[stretch] - exiv2 <postponed> (Minor issue; can be fixed in next update)
 	NOTE: https://github.com/Exiv2/exiv2/issues/1522
 	NOTE: https://github.com/Exiv2/exiv2/commit/22ea582c6b74ada30bec3a6b15de3c3e52f2b4da
@@ -20620,7 +20619,6 @@ CVE-2021-29474 (HedgeDoc (formerly known as CodiMD) is an open-source collaborat
 CVE-2021-29473 (Exiv2 is a C++ library and a command-line utility to read, write, dele ...)
 	- exiv2 <unfixed> (bug #987736)
 	[bullseye] - exiv2 <no-dsa> (Minor issue)
-	[buster] - exiv2 <not-affected> (Vulnerable code introduced later)
 	[stretch] - exiv2 <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/Exiv2/exiv2/security/advisories/GHSA-7569-phvm-vwc2
 	NOTE: https://github.com/Exiv2/exiv2/pull/1587
@@ -20703,7 +20701,6 @@ CVE-2021-29458 (Exiv2 is a command-line utility and C++ library for reading, wri
 CVE-2021-29457 (Exiv2 is a command-line utility and C++ library for reading, writing,  ...)
 	- exiv2 <unfixed> (bug #987277)
 	[bullseye] - exiv2 <no-dsa> (Minor issue)
-	[buster] - exiv2 <no-dsa> (Minor issue)
 	[stretch] - exiv2 <no-dsa> (Minor issue)
 	NOTE: https://github.com/Exiv2/exiv2/security/advisories/GHSA-v74w-h496-cgqm
 	NOTE: https://github.com/Exiv2/exiv2/issues/1529
@@ -104179,7 +104176,6 @@ CVE-2019-20422 (In the Linux kernel before 5.3.4, fib6_rule_lookup in net/ipv6/i
 	NOTE: https://git.kernel.org/linus/7b09c2d052db4b4ad0b27b97918b46a7746966fa
 CVE-2019-20421 (In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input  ...)
 	- exiv2 0.27.2-8 (low; bug #950183)
-	[buster] - exiv2 <ignored> (Minor issue)
 	[stretch] - exiv2 <ignored> (Minor issue)
 	[jessie] - exiv2 <ignored> (Minor issue)
 	NOTE: https://github.com/Exiv2/exiv2/commit/a82098f4f90cd86297131b5663c3dec6a34470e8



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/986f784aceb37570a9438127b926f8695f73e229

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/986f784aceb37570a9438127b926f8695f73e229
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210806/bd32bb22/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list