Skip to content
GitLab
Explore
Sign in
Register
Commits on Source (3)
Update tracking information for CVE-2017-11553 /exiv2
· 07471640
Salvatore Bonaccorso
authored
Feb 02, 2020
07471640
Update tracking information for CVE-2017-11592/exiv2
· 5c3e1b73
Salvatore Bonaccorso
authored
Feb 02, 2020
5c3e1b73
Add fixed version via unstble for CVE-2017-11591/exiv2
· 0feb4b82
Salvatore Bonaccorso
authored
Feb 02, 2020
0feb4b82
Show whitespace changes
Inline
Side-by-side
data/CVE/list
View file @
0feb4b82
...
...
@@ -147511,15 +147511,12 @@ CVE-2017-11594 (Cross-site scripting (XSS) vulnerability in the Markdown parser
CVE-2017-11593 (Cross-site scripting (XSS) vulnerability in the Markdown Preview Plus ...)
NOT-FOR-US: Chrome extension Markdown Preview Plus
CVE-2017-11592 (There is a Mismatched Memory Management Routines vulnerability in the ...)
[experimental] - exiv2 <unfixed> (bug #895568)
- exiv2 <not-affected> (printTiffStructure introduced in 0.26)
- exiv2 <not-affected> (printTiffStructure introduced in 0.26; only affected experimental; bug #895568)
NOTE: https://github.com/Exiv2/exiv2/issues/56
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1473889
NOTE: Not reproducible in wheezy/jessie/stretch/sid(0.25-3.1).
NOTE: Reproducible in experimental with version 0.26-1.
CVE-2017-11591 (There is a Floating point exception in the Exiv2::ValueType function i ...)
{DLA-1147-1}
- exiv2
<unfixed>
(low; bug #876893)
- exiv2
0.27.2-6
(low; bug #876893)
[buster] - exiv2 <ignored> (Minor issue)
[stretch] - exiv2 <ignored> (Minor issue)
[jessie] - exiv2 <ignored> (Minor issue)
...
...
@@ -147643,12 +147640,9 @@ CVE-2017-11554 (There is a stack consumption vulnerability in the lex function i
NOTE: https://github.com/sass/libsass/issues/2445
NOTE: https://github.com/sass/libsass/commit/7664114543757e932f5b1a2ff5295aa9b34f8623
CVE-2017-11553 (There is an illegal address access in the extend_alias_table function ...)
[experimental] - exiv2 <unfixed> (low; bug #888874)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
- exiv2 <not-affected> (Vulnerable code introduced after 0.25; only present in experimental; bug #888874)
NOTE: https://github.com/Exiv2/exiv2/issues/54
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1471772
NOTE: Not reproducible in wheezy/jessie/stretch.
NOTE: Reproducible with 0.26-1 (experimental).
CVE-2017-11552 (mpg321.c in mpg321 0.3.2-1 does not properly manage memory for use wit ...)
- mpg321 0.3.2-2 (bug #870406)
[stretch] - mpg321 <no-dsa> (Minor issue)
Salvatore Bonaccorso authored
Salvatore Bonaccorso authored
Salvatore Bonaccorso authored