From 1353c33041fbd2ac9f843e4831ab5cc69aa66d04 Mon Sep 17 00:00:00 2001 From: Moritz Muehlenhoff Date: Wed, 29 Jan 2020 10:36:25 -0800 Subject: exiv2 fixed NFUs --- data/CVE/list | 28 +++++++++++++++++++--------- 1 file changed, 19 insertions(+), 9 deletions(-) (limited to 'data') diff --git a/data/CVE/list b/data/CVE/list index 7f321d1b67..0ed102f362 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -15106,24 +15106,34 @@ CVE-2020-2109 RESERVED CVE-2020-2108 RESERVED + NOT-FOR-US: Jenkins plugin CVE-2020-2107 RESERVED + NOT-FOR-US: Jenkins plugin CVE-2020-2106 RESERVED + NOT-FOR-US: Jenkins plugin CVE-2020-2105 RESERVED + NOT-FOR-US: Jenkins CVE-2020-2104 RESERVED + NOT-FOR-US: Jenkins CVE-2020-2103 RESERVED + NOT-FOR-US: Jenkins CVE-2020-2102 RESERVED + NOT-FOR-US: Jenkins CVE-2020-2101 RESERVED + NOT-FOR-US: Jenkins CVE-2020-2100 RESERVED + NOT-FOR-US: Jenkins CVE-2020-2099 RESERVED + NOT-FOR-US: Jenkins CVE-2020-2098 (A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0. ...) NOT-FOR-US: Jenkins plugin CVE-2020-2097 (Jenkins Sounds Plugin 0.5 and earlier does not perform permission chec ...) @@ -69208,8 +69218,8 @@ CVE-2018-20098 (There is a heap-based buffer over-read in Exiv2::Jp2Image::encod CVE-2018-20097 (There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroup ...) {DLA-1691-1} - exiv2 (low) - [buster] - exiv2 (Minor issue) - [stretch] - exiv2 (Minor issue) + [buster] - exiv2 (Minor issue) + [stretch] - exiv2 (Minor issue) NOTE: https://github.com/Exiv2/exiv2/issues/590 NOTE: https://github.com/Exiv2/exiv2/commit/203ab0db28c9666b16069d4056ac5f66f753a51d CVE-2018-20096 (There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf fun ...) @@ -75306,8 +75316,8 @@ CVE-2018-19536 CVE-2018-19535 (In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngch ...) {DLA-1691-1} - exiv2 (bug #915135) - [buster] - exiv2 (Minor issue) - [stretch] - exiv2 (Minor issue) + [buster] - exiv2 (Minor issue) + [stretch] - exiv2 (Minor issue) NOTE: https://github.com/Exiv2/exiv2/issues/428 NOTE: https://github.com/Exiv2/exiv2/pull/430 CVE-2018-19534 @@ -76870,8 +76880,8 @@ CVE-2018-19109 (tianti 2.3 allows remote authenticated users to bypass intended CVE-2018-19108 (In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PS ...) {DLA-1691-1} - exiv2 (bug #913272) - [buster] - exiv2 (Minor issue) - [stretch] - exiv2 (Minor issue) + [buster] - exiv2 (Minor issue) + [stretch] - exiv2 (Minor issue) NOTE: https://github.com/Exiv2/exiv2/issues/426 NOTE: https://github.com/Exiv2/exiv2/pull/518 NOTE: https://github.com/Exiv2/exiv2/commit/68966932510213b5656fcf433ab6d7e26f48e23b @@ -76879,8 +76889,8 @@ CVE-2018-19108 (In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in CVE-2018-19107 (In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdi ...) {DLA-1691-1} - exiv2 (bug #913273) - [buster] - exiv2 (Minor issue) - [stretch] - exiv2 (Minor issue) + [buster] - exiv2 (Minor issue) + [stretch] - exiv2 (Minor issue) NOTE: https://github.com/Exiv2/exiv2/issues/427 NOTE: https://github.com/Exiv2/exiv2/pull/518 NOTE: https://github.com/Exiv2/exiv2/commit/68966932510213b5656fcf433ab6d7e26f48e23b @@ -103865,7 +103875,7 @@ CVE-2018-8977 (In Exiv2 0.26, the Exiv2::Internal::printCsLensFFFF function in c - exiv2 (Vulnerable code introduced after 0.25) NOTE: https://github.com/Exiv2/exiv2/issues/247 CVE-2018-8976 (In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial ...) - - exiv2 (low; bug #903813) + - exiv2 0.27.2-6 (low; bug #903813) [buster] - exiv2 (Minor issue) [stretch] - exiv2 (Minor issue) [jessie] - exiv2 (Minor issue) -- cgit v1.2.3