Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 291c52d6 by Salvatore Bonaccorso at 2018-10-13T09:46:18Z Filled bug for CVE-2018-9145/exiv2 in experimental The issue likely does not affect versions prior to 0.26 upstream before https://github.com/Exiv2/exiv2/commit/163f3ce7f17a143f58d857a5cba3cb7b24436a2a but more analysis is pending before moving to <not-affected> status. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -23208,6 +23208,7 @@ CVE-2018-9147 (Cross-site scripting (XSS) vulnerabilities in version 7.5.7 of Ge CVE-2018-9146 REJECTED CVE-2018-9145 (In the DataBuf class in include/exiv2/types.hpp in Exiv2 0.26, an ...) + [experimental] - exiv2 <unfixed> (bug #910909) - exiv2 <undetermined> [jessie] - exiv2 <not-affected> (Vulnerable code not present) [wheezy] - exiv2 <ignored> (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/291c52d63cb53729344c52074514533065c7abc4 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/291c52d63cb53729344c52074514533065c7abc4 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
