data/dla-needed.txt: Triage exiv2 for buster LTS (CVE-2020-19716)

author: Chris Lamb <lamby@debian.org> 2022-08-19 12:45:40 -0700
committer: Chris Lamb <lamby@debian.org> 2022-08-19 12:45:40 -0700
commit: e695a8b51235f329adfb5a220f2b5894154c1bff (patch)
tree: 1a17b407fa6ac8c2afc5c175b2d31b1a02b19c6d /data/dla-needed.txt
parent: ebb046ec289d0ff759d48646da248646a4c7dcf1 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/data/dla-needed.txt b/data/dla-needed.txt
index 21bc59784f..a91d2044a1 100644
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -29,6 +29,10 @@ asterisk (Markus Koschany)
 curl (Markus Koschany)
   NOTE: 20220802: Programming language: C.
 --
+exiv2
+  NOTE: 20220819: Programming language: C++.
+  NOTE: 20220819: https://github.com/Exiv2/exiv2/commit/109d5df7abd329f141b500c92a00178d35a6bef3#diff-bd28aafd4c87975a3a236af74c2200db447587fa0bb4f43ba9beb98738c77b2aL292 does not directly apply, but a very quick glance suggests the earlier code may be equally vulnerable. (Chris Lamb)
+--
 jetty9 (Markus Koschany)
   NOTE: 20220802: Programming language: Java.
 --
author	Chris Lamb <lamby@debian.org>	2022-08-19 12:45:40 -0700
committer	Chris Lamb <lamby@debian.org>	2022-08-19 12:45:40 -0700
commit	e695a8b51235f329adfb5a220f2b5894154c1bff (patch)
tree	1a17b407fa6ac8c2afc5c175b2d31b1a02b19c6d /data/dla-needed.txt
parent	ebb046ec289d0ff759d48646da248646a4c7dcf1 (diff)