Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
780eba61 by Thorsten Alteholz at 2019-02-26T19:16:07Z
CVE-2018-17581 will be fixed in Jessie
- - - - -
cd382e17 by Thorsten Alteholz at 2019-02-26T19:16:08Z
CVE-2018-19107 will be fixed in Jessie
- - - - -
36a13878 by Thorsten Alteholz at 2019-02-26T19:16:09Z
CVE-2018-19108 will be fixed in Jessie
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -24306,7 +24306,6 @@ CVE-2018-19109 (tianti 2.3 allows remote authenticated
users to bypass intended
CVE-2018-19108 (In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp
in the PSD ...)
- exiv2 <unfixed> (bug #913272)
[stretch] - exiv2 <no-dsa> (Minor issue)
- [jessie] - exiv2 <ignored> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/issues/426
NOTE: https://github.com/Exiv2/exiv2/pull/518
NOTE:
https://github.com/Exiv2/exiv2/commit/68966932510213b5656fcf433ab6d7e26f48e23b
@@ -24314,7 +24313,6 @@ CVE-2018-19108 (In Exiv2 0.26,
Exiv2::PsdImage::readMetadata in psdimage.cpp in
CVE-2018-19107 (In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called
from ...)
- exiv2 <unfixed> (bug #913273)
[stretch] - exiv2 <no-dsa> (Minor issue)
- [jessie] - exiv2 <ignored> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/issues/427
NOTE: https://github.com/Exiv2/exiv2/pull/518
NOTE:
https://github.com/Exiv2/exiv2/commit/68966932510213b5656fcf433ab6d7e26f48e23b
@@ -28270,7 +28268,6 @@ CVE-2018-17582 (Tcpreplay v4.3.0 beta1 contains a
heap-based buffer over-read. T
CVE-2018-17581 (CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2
0.26 has ...)
- exiv2 <unfixed> (low; bug #910060)
[stretch] - exiv2 <no-dsa> (Minor issue)
- [jessie] - exiv2 <no-dsa> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/issues/460
NOTE: Fixed in:
https://github.com/Exiv2/exiv2/commit/b3d077dcaefb6747fff8204490f33eba5a144edb
CVE-2018-17580 (A heap-based buffer over-read exists in the function
fast_edit_packet() ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/fb2a8c163b79aec9aefb54191ae5d868eb97ee6e...36a13878a69bcf4812f3551e17f651e7430d91f0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/fb2a8c163b79aec9aefb54191ae5d868eb97ee6e...36a13878a69bcf4812f3551e17f651e7430d91f0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
