[Secure-testing-commits] r57984 - data/CVE

Salvatore Bonaccorso Thu, 23 Nov 2017 22:34:28 -0800

Author: carnil
Date: 2017-11-24 06:34:09 +0000 (Fri, 24 Nov 2017)
New Revision: 57984


Modified:
   data/CVE/list
Log:
Add upstream issues for exiv2

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-11-24 05:19:29 UTC (rev 57983)
+++ data/CVE/list       2017-11-24 06:34:09 UTC (rev 57984)
@@ -178,12 +178,15 @@
 CVE-2017-1000128 (Exiv2 0.26 contains a stack out of bounds read in JPEG2000 
parser ...)
        - exiv2 <unfixed>
        NOTE: http://www.openwall.com/lists/oss-security/2017/06/30/1
+       NOTE: https://github.com/Exiv2/exiv2/issues/177
 CVE-2017-1000127 (Exiv2 0.26 contains a heap buffer overflow in tiff parser 
...)
        - exiv2 <unfixed>
        NOTE: http://www.openwall.com/lists/oss-security/2017/06/30/1
+       NOTE: https://github.com/Exiv2/exiv2/issues/176
 CVE-2017-1000126 (exiv2 0.26 contains a Stack out of bounds read in webp 
parser ...)
        - exiv2 <unfixed>
        NOTE: http://www.openwall.com/lists/oss-security/2017/06/30/1
+       NOTE: https://github.com/Exiv2/exiv2/issues/175
        NOTE: Can't seem to reproduce this in wheezy.
 CVE-2017-16879 (Stack-based buffer overflow in the _nc_write_entry function in 
...)
        TODO: check


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r57984 - data/CVE

Reply via email to