Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: a46e4580 by Salvatore Bonaccorso at 2019-11-27T07:01:19Z Track source package for CVE-2019-17402/exiv2 - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -7851,6 +7851,11 @@ CVE-2019-17404 (Nokia IMPACT < 18A: allows full path disclosure ...) CVE-2019-17403 (Nokia IMPACT < 18A: An unrestricted File Upload vulnerability was f ...) NOT-FOR-US: Nokia CVE-2019-17402 (Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in ...) + - exiv2 <undetermined> + NOTE: https://github.com/Exiv2/exiv2/issues/1019 + NOTE: https://github.com/Exiv2/exiv2/commit/88054239e3c914862d13f6ac89a19a104fa2c076 (master) + NOTE: https://github.com/Exiv2/exiv2/commit/50e9dd964a439da357798344ed1dd86edcadf0ec (0.27-branch) + NOTE: Follow-up: https://github.com/Exiv2/exiv2/issues/1026 TODO: check CVE-2019-17401 (** DISPUTED ** libyal liblnk 20191006 has a heap-based buffer over-rea ...) - liblnk <unfixed> (low) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a46e458064b72980c3f34cdfcd1292bc6bb450f4 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a46e458064b72980c3f34cdfcd1292bc6bb450f4 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits