diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2020-05-21 21:09:43 +0200 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-05-21 21:09:43 +0200 |
| commit | 19f2b66bfd1b3870cc2a4cb879b26f02e193944a (patch) | |
| tree | 4bf20fb7bc0d7f5f0b5ee56e4051e0724dd07154 /data | |
| parent | 0d09813fbae3950cd943e497c7c68df99820ed9d (diff) | |
Add CVE-2020-1311{2,3,4}/libexif issues
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list.2020 | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index 70c9ad1f6c..34fa37fa97 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 @@ -283,12 +283,24 @@ CVE-2020-13116 RESERVED CVE-2020-13115 RESERVED -CVE-2020-13114 +CVE-2020-13114 [Add a failsafe on the maximum number of Canon MakerNote subtags] RESERVED -CVE-2020-13113 + - libexif <unfixed> + [buster] - libexif <no-dsa> (Minor issue) + [stretch] - libexif <no-dsa> (Minor issue) + NOTE: https://github.com/libexif/libexif/commit/e6a38a1a23ba94d139b1fa2cd4519fdcfe3c9bab (0.6.22) +CVE-2020-13113 [Ensure the MakerNote data pointers are initialized with NULL] RESERVED -CVE-2020-13112 + - libexif <unfixed> + [buster] - libexif <no-dsa> (Minor issue) + [stretch] - libexif <no-dsa> (Minor issue) + NOTE: https://github.com/libexif/libexif/commit/ec412aa4583ad71ecabb967d3c77162760169d1f (0.6.22) +CVE-2020-13112 [Fix MakerNote tag size overflow issues at read time] RESERVED + - libexif <unfixed> + [buster] - libexif <no-dsa> (Minor issue) + [stretch] - libexif <no-dsa> (Minor issue) + NOTE: https://github.com/libexif/libexif/commit/435e21f05001fb03f9f186fa7cbc69454afd00d1 (0.6.22) CVE-2020-13111 (NaviServer 4.99.4 to 4.99.19 allows denial of service due to the nsd/d ...) NOT-FOR-US: NaviServer CVE-2020-13110 (The kerberos package before 1.0.0 for Node.js allows arbitrary code ex ...) |