Author: carnil Date: 2017-10-28 15:50:37 +0000 (Sat, 28 Oct 2017) New Revision: 57083
Modified: data/CVE/list Log: Reported another bug for exiv2 in experimental Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-10-28 15:44:18 UTC (rev 57082) +++ data/CVE/list 2017-10-28 15:50:37 UTC (rev 57083) @@ -2823,11 +2823,10 @@ NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1). NOTE: Reproducible in experimental(0.26-1) with valgrind (and segfault without valgrind). CVE-2017-14861 (There is a stack consumption vulnerability in the ...) - [experimental] - exiv2 <unfixed> + [experimental] - exiv2 <unfixed> (bug #880027) - exiv2 <not-affected> (printIFDStructure introduced in 0.26) NOTE: https://github.com/Exiv2/exiv2/issues/139 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1494787 - TODO: report against experimental version NOTE: Unreproducible on wheezy/jessie/stretch/sid(0.25-3.1). NOTE: Reproducible in experimental(0.26-1) with valgrind (and segfault without valgrind). CVE-2017-14860 (There is a heap-based buffer over-read in the ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits