Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker
Commits: 74b0b626 by Roberto C. Sánchez at 2018-06-27T23:37:54-04:00 Annotate commits related to exiv2/CVE-2018-12264 - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1743,6 +1743,8 @@ CVE-2018-12265 (Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class i CVE-2018-12264 (Exiv2 0.26 has integer overflows in LoaderTiff::getData() in ...) - exiv2 <unfixed> (bug #901707) NOTE: https://github.com/Exiv2/exiv2/issues/366 + NOTE: https://github.com/Exiv2/exiv2/commit/937a1a2bd067b8b3b787f3757089d972f3a39853 + NOTE: https://github.com/Exiv2/exiv2/commit/fe70939f54476e99046245ca69ff27012401f759 CVE-2018-12263 (portfolioCMS 1.0.5 allows upload of arbitrary .php files via the ...) NOT-FOR-US: portfolioCMS CVE-2018-12262 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/74b0b626f68deb9844c29941dfe73347efac8817 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/74b0b626f68deb9844c29941dfe73347efac8817 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits