Author: jmm
Date: 2017-09-19 21:14:08 +0000 (Tue, 19 Sep 2017)
New Revision: 55909
Modified:
data/CVE/list
Log:
one libexiv entry confirmed, revert the rest. <not-affected> must only
be used based on code analysis, not by running some reproducer, code
path in older releases might be entirely different
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-19 21:10:15 UTC (rev 55908)
+++ data/CVE/list 2017-09-19 21:14:08 UTC (rev 55909)
@@ -4128,17 +4128,15 @@
NOTE: Crash in CLI tool, no security impact
CVE-2017-12957 (There is a heap-based buffer over-read in libexiv2 in Exiv2
0.26 that ...)
- exiv2 <unfixed>
- [stretch] - exiv2 <not-affected> (Vulnerable code not present)
- [jessie] - exiv2 <not-affected> (Vulnerable code not present)
- [wheezy] - exiv2 <not-affected> (Vulnerable code not present)
+ [stretch] - exiv2 <not-affected> (Incorrect memory allocation
introduced in 0.26)
+ [jessie] - exiv2 <not-affected> (Incorrect memory allocation introduced
in 0.26)
+ [wheezy] - exiv2 <not-affected> (Incorrect memory allocation introduced
in 0.26)
NOTE: https://github.com/Exiv2/exiv2/issues/60
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482423
- NOTE: Not reproducible in wheezy/jessie/stretch/sid(0.25-3.1) => "The
file contains data of an unknown image type"
- NOTE: Reproducible in experimental (0.26-1).
+ NOTE: Experimental is affected, unstable is not, strictly speaking this
could all
+ NOTE: be marked <not-affected>, but keeping it marked <unfixed> to
ensure we track the fix
CVE-2017-12956 (There is an illegal address access in
Exiv2::FileIo::path[abi:cxx11]() ...)
- exiv2 <unfixed>
- [stretch] - exiv2 <not-affected> (Vulnerable code not present)
- [jessie] - exiv2 <not-affected> (Vulnerable code not present)
[wheezy] - exiv2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/Exiv2/exiv2/issues/59
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482296
@@ -4146,8 +4144,6 @@
NOTE: Reproducible in experimental (0.26-1).
CVE-2017-12955 (There is a heap-based buffer overflow in basicio.cpp of Exiv2
0.26. The ...)
- exiv2 <unfixed>
- [stretch] - exiv2 <not-affected> (Vulnerable code not present)
- [jessie] - exiv2 <not-affected> (Vulnerable code not present)
[wheezy] - exiv2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/Exiv2/exiv2/issues/58
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482295
@@ -8246,8 +8242,6 @@
NOT-FOR-US: Chrome extension Markdown Preview Plus
CVE-2017-11592 (There is a Mismatched Memory Management Routines vulnerability
in the ...)
- exiv2 <unfixed> (low)
- [stretch] - exiv2 <not-affected> (Vulnerable code not present)
- [jessie] - exiv2 <not-affected> (Vulnerable code not present)
[wheezy] - exiv2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/Exiv2/exiv2/issues/56
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1473889
@@ -8377,8 +8371,6 @@
NOTE: https://github.com/sass/libsass/issues/2445
CVE-2017-11553 (There is an illegal address access in the extend_alias_table
function ...)
- exiv2 <unfixed> (low)
- [stretch] - exiv2 <not-affected> (Not reproducible)
- [jessie] - exiv2 <not-affected> (Not reproducible)
[wheezy] - exiv2 <not-affected> (Not reproducible)
NOTE: https://github.com/Exiv2/exiv2/issues/54
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1471772
@@ -8998,8 +8990,6 @@
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470714
CVE-2017-11340 (There is a Segmentation fault in the XmpParser::terminate()
function in ...)
- exiv2 <unfixed> (bug #868578)
- [stretch] - exiv2 <not-affected> (Not reproducible)
- [jessie] - exiv2 <not-affected> (Not reproducible)
[wheezy] - exiv2 <not-affected> (Not reproducible)
NOTE: https://github.com/Exiv2/exiv2/issues/53
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470950
@@ -9007,8 +8997,6 @@
NOTE: Reproducible with 0.26-1 (experimental) although I get another
error "free(): invalid next size (fast)".
CVE-2017-11339 (There is a heap-based buffer overflow in the
Image::printIFDStructure ...)
- exiv2 <unfixed> (bug #868578)
- [stretch] - exiv2 <not-affected> (Vulnerable code not present)
- [jessie] - exiv2 <not-affected> (Vulnerable code not present)
[wheezy] - exiv2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/Exiv2/exiv2/issues/52
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470946
@@ -9016,8 +9004,6 @@
NOTE: Reproducible with 0.26-1 (experimental) although I get another
error "free(): invalid next size (fast)".
CVE-2017-11338 (There is an infinite loop in the
Exiv2::Image::printIFDStructure ...)
- exiv2 <unfixed> (bug #868578)
- [stretch] - exiv2 <not-affected> (Vulnerable code not present)
- [jessie] - exiv2 <not-affected> (Vulnerable code not present)
[wheezy] - exiv2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/Exiv2/exiv2/issues/51
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470913
@@ -9025,8 +9011,6 @@
NOTE: Reproducible with 0.26-1 (experimental).
CVE-2017-11337 (There is an invalid free in the Action::TaskFactory::cleanup
function ...)
- exiv2 <unfixed> (bug #868578)
- [stretch] - exiv2 <not-affected> (Not reproducible)
- [jessie] - exiv2 <not-affected> (Not reproducible)
[wheezy] - exiv2 <not-affected> (Not reproducible)
NOTE: https://github.com/Exiv2/exiv2/issues/50
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470737
@@ -9035,8 +9019,6 @@
NOTE: Action::TaskFactory::cleanup function is the same in all
versions, so the problem is likely an earlier memory corruption.
CVE-2017-11336 (There is a heap-based buffer over-read in the
Image::printIFDStructure ...)
- exiv2 <unfixed> (bug #868578)
- [stretch] - exiv2 <not-affected> (Vulnerable code not present)
- [jessie] - exiv2 <not-affected> (Vulnerable code not present)
[wheezy] - exiv2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/Exiv2/exiv2/issues/49
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470729
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
