exiv2 fixed

NFUs

1 files changed, 19 insertions, 9 deletions

diff --git a/data/CVE/list b/data/CVE/list
index 7f321d1b67..0ed102f362 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -15106,24 +15106,34 @@ CVE-2020-2109
 	RESERVED
 CVE-2020-2108
 	RESERVED
+	NOT-FOR-US: Jenkins plugin
 CVE-2020-2107
 	RESERVED
+	NOT-FOR-US: Jenkins plugin
 CVE-2020-2106
 	RESERVED
+	NOT-FOR-US: Jenkins plugin
 CVE-2020-2105
 	RESERVED
+	NOT-FOR-US: Jenkins
 CVE-2020-2104
 	RESERVED
+	NOT-FOR-US: Jenkins
 CVE-2020-2103
 	RESERVED
+	NOT-FOR-US: Jenkins
 CVE-2020-2102
 	RESERVED
+	NOT-FOR-US: Jenkins
 CVE-2020-2101
 	RESERVED
+	NOT-FOR-US: Jenkins
 CVE-2020-2100
 	RESERVED
+	NOT-FOR-US: Jenkins
 CVE-2020-2099
 	RESERVED
+	NOT-FOR-US: Jenkins
 CVE-2020-2098 (A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0. ...)
 	NOT-FOR-US: Jenkins plugin
 CVE-2020-2097 (Jenkins Sounds Plugin 0.5 and earlier does not perform permission chec ...)
@@ -69208,8 +69218,8 @@ CVE-2018-20098 (There is a heap-based buffer over-read in Exiv2::Jp2Image::encod
 CVE-2018-20097 (There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroup ...)
 	{DLA-1691-1}
 	- exiv2 <unfixed> (low)
-	[buster] - exiv2 <no-dsa> (Minor issue)
-	[stretch] - exiv2 <no-dsa> (Minor issue)
+	[buster] - exiv2 <ignored> (Minor issue)
+	[stretch] - exiv2 <ignored> (Minor issue)
 	NOTE: https://github.com/Exiv2/exiv2/issues/590
 	NOTE: https://github.com/Exiv2/exiv2/commit/203ab0db28c9666b16069d4056ac5f66f753a51d
 CVE-2018-20096 (There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf fun ...)
@@ -75306,8 +75316,8 @@ CVE-2018-19536
 CVE-2018-19535 (In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngch ...)
 	{DLA-1691-1}
 	- exiv2 <unfixed> (bug #915135)
-	[buster] - exiv2 <no-dsa> (Minor issue)
-	[stretch] - exiv2 <no-dsa> (Minor issue)
+	[buster] - exiv2 <ignored> (Minor issue)
+	[stretch] - exiv2 <ignored> (Minor issue)
 	NOTE: https://github.com/Exiv2/exiv2/issues/428
 	NOTE: https://github.com/Exiv2/exiv2/pull/430
 CVE-2018-19534
@@ -76870,8 +76880,8 @@ CVE-2018-19109 (tianti 2.3 allows remote authenticated users to bypass intended
 CVE-2018-19108 (In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PS ...)
 	{DLA-1691-1}
 	- exiv2 <unfixed> (bug #913272)
-	[buster] - exiv2 <no-dsa> (Minor issue)
-	[stretch] - exiv2 <no-dsa> (Minor issue)
+	[buster] - exiv2 <ignored> (Minor issue)
+	[stretch] - exiv2 <ignored> (Minor issue)
 	NOTE: https://github.com/Exiv2/exiv2/issues/426
 	NOTE: https://github.com/Exiv2/exiv2/pull/518
 	NOTE: https://github.com/Exiv2/exiv2/commit/68966932510213b5656fcf433ab6d7e26f48e23b
@@ -76879,8 +76889,8 @@ CVE-2018-19108 (In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in
 CVE-2018-19107 (In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdi ...)
 	{DLA-1691-1}
 	- exiv2 <unfixed> (bug #913273)
-	[buster] - exiv2 <no-dsa> (Minor issue)
-	[stretch] - exiv2 <no-dsa> (Minor issue)
+	[buster] - exiv2 <ignored> (Minor issue)
+	[stretch] - exiv2 <ignored> (Minor issue)
 	NOTE: https://github.com/Exiv2/exiv2/issues/427
 	NOTE: https://github.com/Exiv2/exiv2/pull/518
 	NOTE: https://github.com/Exiv2/exiv2/commit/68966932510213b5656fcf433ab6d7e26f48e23b
@@ -103865,7 +103875,7 @@ CVE-2018-8977 (In Exiv2 0.26, the Exiv2::Internal::printCsLensFFFF function in c
 	- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
 	NOTE: https://github.com/Exiv2/exiv2/issues/247
 CVE-2018-8976 (In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial  ...)
-	- exiv2 <unfixed> (low; bug #903813)
+	- exiv2 0.27.2-6 (low; bug #903813)
 	[buster] - exiv2 <ignored> (Minor issue)
 	[stretch] - exiv2 <ignored> (Minor issue)
 	[jessie] - exiv2 <ignored> (Minor issue)