[Git][security-tracker-team/security-tracker][master] rust-kamadak-exif n/a

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
38dd80c8 by Moritz Muehlenhoff at 2023-04-28T19:33:07+02:00
rust-kamadak-exif n/a

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -176776,8 +176776,9 @@ CVE-2021-21236 (CairoSVG is a Python (pypi) package. CairoSVG is an SVG converte
 	NOTE: Introduced by: https://github.com/Kozea/CairoSVG/commit/4f14d2e8f2d7f9b534c5342e26519b7c27386a81
 	NOTE: Fixed by: https://github.com/Kozea/CairoSVG/commit/063185b60588a41d4df661ad70f9f7b699901abc (2.5.1)
 CVE-2021-21235 (kamadak-exif is an exif parsing library written in pure Rust. In kamad ...)
-	- rust-kamadak-exif <unfixed> (bug #985309)
+	- rust-kamadak-exif <not-affected> (Only affects 0.5.2, #985309)
 	NOTE: https://github.com/kamadak/exif-rs/security/advisories/GHSA-px9g-8hgv-jvg2
+	NOTE: https://rustsec.org/advisories/RUSTSEC-2021-0143.html
 CVE-2021-21234 (spring-boot-actuator-logview in a library that adds a simple logfile v ...)
 	NOT-FOR-US: Spring actuator logview
 CVE-2020-35627 (Ultimate WooCommerce Gift Cards 3.0.2 is affected by a file upload vul ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/38dd80c8b89fd823ecf524b1e884e81a93f0e159

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/38dd80c8b89fd823ecf524b1e884e81a93f0e159
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230428/91a19865/attachment.htm>