Author: hertzog
Date: 2017-09-19 14:02:55 +0000 (Tue, 19 Sep 2017)
New Revision: 55900
Modified:
data/CVE/list
Log:
Reclassify exiv2 CVE according to my findings
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-19 12:45:19 UTC (rev 55899)
+++ data/CVE/list 2017-09-19 14:02:55 UTC (rev 55900)
@@ -4129,18 +4129,27 @@
NOTE: Crash in CLI tool, no security impact
CVE-2017-12957 (There is a heap-based buffer over-read in libexiv2 in Exiv2
0.26 that ...)
- exiv2 <unfixed>
+ [stretch] - exiv2 <not-affected> (Vulnerable code not present)
+ [jessie] - exiv2 <not-affected> (Vulnerable code not present)
+ [wheezy] - exiv2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/Exiv2/exiv2/issues/60
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482423
NOTE: Not reproducible in wheezy/jessie/stretch/sid(0.25-3.1) => "The
file contains data of an unknown image type"
NOTE: Reproducible in experimental (0.26-1).
CVE-2017-12956 (There is an illegal address access in
Exiv2::FileIo::path[abi:cxx11]() ...)
- exiv2 <unfixed>
+ [stretch] - exiv2 <not-affected> (Vulnerable code not present)
+ [jessie] - exiv2 <not-affected> (Vulnerable code not present)
+ [wheezy] - exiv2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/Exiv2/exiv2/issues/59
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482296
NOTE: Not reproducible in wheezy/jessie/stretch/sid(0.25-3.1) => "The
file contains data of an unknown image type"
NOTE: Reproducible in experimental (0.26-1).
CVE-2017-12955 (There is a heap-based buffer overflow in basicio.cpp of Exiv2
0.26. The ...)
- exiv2 <unfixed>
+ [stretch] - exiv2 <not-affected> (Vulnerable code not present)
+ [jessie] - exiv2 <not-affected> (Vulnerable code not present)
+ [wheezy] - exiv2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/Exiv2/exiv2/issues/58
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482295
NOTE: Not reproducible in wheezy/jessie/stretch/sid(0.25-3.1) => "The
memory contains data of an unknown image type"
@@ -7893,6 +7902,7 @@
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1475124
NOTE: Not reproducible in wheezy/jessie/stretch/sid(0.25-3.1).
NOTE: Reproducible in experimental(0.26-1).
+ NOTE: Problematic assert() exists in all versions in Debian.
CVE-2017-11682 (Stored Cross-site scripting vulnerability in Hashtopussy 0.4.0
allows ...)
NOT-FOR-US: Hashtopussy
CVE-2017-11681 (Incorrect Access Control vulnerability in Hashtopussy 0.4.0
allows ...)
@@ -8236,8 +8246,9 @@
NOT-FOR-US: Chrome extension Markdown Preview Plus
CVE-2017-11592 (There is a Mismatched Memory Management Routines vulnerability
in the ...)
- exiv2 <unfixed> (low)
- [stretch] - exiv2 <no-dsa> (Minor issue)
- [jessie] - exiv2 <no-dsa> (Minor issue)
+ [stretch] - exiv2 <not-affected> (Vulnerable code not present)
+ [jessie] - exiv2 <not-affected> (Vulnerable code not present)
+ [wheezy] - exiv2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/Exiv2/exiv2/issues/56
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1473889
NOTE: Not reproducible in wheezy/jessie/stretch/sid(0.25-3.1).
@@ -8366,8 +8377,9 @@
NOTE: https://github.com/sass/libsass/issues/2445
CVE-2017-11553 (There is an illegal address access in the extend_alias_table
function ...)
- exiv2 <unfixed> (low)
- [stretch] - exiv2 <no-dsa> (Minor issue)
- [jessie] - exiv2 <no-dsa> (Minor issue)
+ [stretch] - exiv2 <not-affected> (Not reproducible)
+ [jessie] - exiv2 <not-affected> (Not reproducible)
+ [jessie] - exiv2 <not-affected> (Not reproducible)
NOTE: https://github.com/Exiv2/exiv2/issues/54
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1471772
NOTE: Not reproducible in wheezy/jessie/stretch.
@@ -8986,40 +8998,46 @@
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470714
CVE-2017-11340 (There is a Segmentation fault in the XmpParser::terminate()
function in ...)
- exiv2 <unfixed> (bug #868578)
- [stretch] - exiv2 <no-dsa> (Minor issue)
- [jessie] - exiv2 <no-dsa> (Minor issue)
+ [stretch] - exiv2 <not-affected> (Not reproducible)
+ [jessie] - exiv2 <not-affected> (Not reproducible)
+ [wheezy] - exiv2 <not-affected> (Not reproducible)
NOTE: https://github.com/Exiv2/exiv2/issues/53
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470950
NOTE: Not reproducible in wheezy/jessie/stretch, I get "The file
contains data of an unknown image type".
NOTE: Reproducible with 0.26-1 (experimental) although I get another
error "free(): invalid next size (fast)".
CVE-2017-11339 (There is a heap-based buffer overflow in the
Image::printIFDStructure ...)
- exiv2 <unfixed> (bug #868578)
- [stretch] - exiv2 <no-dsa> (Minor issue)
- [jessie] - exiv2 <no-dsa> (Minor issue)
+ [stretch] - exiv2 <not-affected> (Vulnerable code not present)
+ [jessie] - exiv2 <not-affected> (Vulnerable code not present)
+ [wheezy] - exiv2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/Exiv2/exiv2/issues/52
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470946
NOTE: Not reproducible in wheezy/jessie/stretch, I get "The file
contains data of an unknown image type".
NOTE: Reproducible with 0.26-1 (experimental) although I get another
error "free(): invalid next size (fast)".
CVE-2017-11338 (There is an infinite loop in the
Exiv2::Image::printIFDStructure ...)
- exiv2 <unfixed> (bug #868578)
- [stretch] - exiv2 <no-dsa> (Minor issue)
- [jessie] - exiv2 <no-dsa> (Minor issue)
+ [stretch] - exiv2 <not-affected> (Vulnerable code not present)
+ [jessie] - exiv2 <not-affected> (Vulnerable code not present)
+ [wheezy] - exiv2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/Exiv2/exiv2/issues/51
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470913
NOTE: Not reproducible in wheezy/jessie/stretch, I get "No Exif data
found in the file".
NOTE: Reproducible with 0.26-1 (experimental).
CVE-2017-11337 (There is an invalid free in the Action::TaskFactory::cleanup
function ...)
- exiv2 <unfixed> (bug #868578)
- [stretch] - exiv2 <no-dsa> (Minor issue)
- [jessie] - exiv2 <no-dsa> (Minor issue)
+ [stretch] - exiv2 <not-affected> (Not reproducible)
+ [jessie] - exiv2 <not-affected> (Not reproducible)
+ [wheezy] - exiv2 <not-affected> (Not reproducible)
NOTE: https://github.com/Exiv2/exiv2/issues/50
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470737
NOTE: Not reproducible in wheezy/jessie/stretch (even with valgrind), I
get "No Exif data found in the file".
NOTE: Reproducible with 0.26-1 (experimental).
+ NOTE: Action::TaskFactory::cleanup function is the same in all
versions, so the problem is likely an earlier memory corruption.
CVE-2017-11336 (There is a heap-based buffer over-read in the
Image::printIFDStructure ...)
- exiv2 <unfixed> (bug #868578)
- [stretch] - exiv2 <no-dsa> (Minor issue)
- [jessie] - exiv2 <no-dsa> (Minor issue)
+ [stretch] - exiv2 <not-affected> (Vulnerable code not present)
+ [jessie] - exiv2 <not-affected> (Vulnerable code not present)
+ [wheezy] - exiv2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/Exiv2/exiv2/issues/49
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470729
NOTE: Not reproducible in wheezy/jessie/stretch (even with valgrind).
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
