Author: carnil
Date: 2017-07-08 20:34:11 +0000 (Sat, 08 Jul 2017)
New Revision: 53293
Modified:
data/CVE/list
Log:
Update status for CVE-2017-9953
Note for reviewers: I still would appreciate an indepented check of
another reviewer for this CVE.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-08 20:25:32 UTC (rev 53292)
+++ data/CVE/list 2017-07-08 20:34:11 UTC (rev 53293)
@@ -1266,12 +1266,11 @@
[wheezy] - binutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21670
CVE-2017-9953 (There is an invalid free in Image::printIFDStructure that leads
to a ...)
- - exiv2 <unfixed>
+ - exiv2 <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1465061
NOTE: Possibly introduced after
https://github.com/Exiv2/exiv2/commit/fd5e983746c336336039e91cb6b656cf8eeccdea
NOTE: which introduces printIFDStructure function and later
restructurated
NOTE: again. Around that commit upstream source though does not build.
- TODO: check, seems to be introduced after upstream commit
fd5e983746c336336039e91cb6b656cf8eeccdea
CVE-2017-9952
RESERVED
CVE-2017-9951
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
