[Git][security-tracker-team/security-tracker][master] Track source package for CVE-2019-17402/exiv2

Tue, 26 Nov 2019 23:02:35 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a46e4580 by Salvatore Bonaccorso at 2019-11-27T07:01:19Z
Track source package for CVE-2019-17402/exiv2

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7851,6 +7851,11 @@ CVE-2019-17404 (Nokia IMPACT < 18A: allows full path 
disclosure ...)
 CVE-2019-17403 (Nokia IMPACT < 18A: An unrestricted File Upload 
vulnerability was f ...)
        NOT-FOR-US: Nokia
 CVE-2019-17402 (Exiv2 0.27.2 allows attackers to trigger a crash in 
Exiv2::getULong in ...)
+       - exiv2 <undetermined>
+       NOTE: https://github.com/Exiv2/exiv2/issues/1019
+       NOTE: 
https://github.com/Exiv2/exiv2/commit/88054239e3c914862d13f6ac89a19a104fa2c076 
(master)
+       NOTE: 
https://github.com/Exiv2/exiv2/commit/50e9dd964a439da357798344ed1dd86edcadf0ec 
(0.27-branch)
+       NOTE: Follow-up: https://github.com/Exiv2/exiv2/issues/1026
        TODO: check
 CVE-2019-17401 (** DISPUTED ** libyal liblnk 20191006 has a heap-based buffer 
over-rea ...)
        - liblnk <unfixed> (low)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a46e458064b72980c3f34cdfcd1292bc6bb450f4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a46e458064b72980c3f34cdfcd1292bc6bb450f4
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to