Author: jmm Date: 2012-07-18 06:53:03 +0000 (Wed, 18 Jul 2012) New Revision: 19759 Modified: data/CVE/list Log: libexif, exif fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-07-17 21:51:01 UTC (rev 19758) +++ data/CVE/list 2012-07-18 06:53:03 UTC (rev 19759) @@ -69,7 +69,7 @@ CVE-2012-3997 (Multiple cross-site scripting (XSS) vulnerabilities in Sticky Notes ...) NOT-FOR-US: Sticky Notes CVE-2012-3996 (TikiWiki CMS/Groupware 8.3 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: TikiWiki CVE-2012-3995 RESERVED CVE-2012-3994 @@ -2542,7 +2542,7 @@ CVE-2012-2846 RESERVED CVE-2012-2845 (Integer overflow in the jpeg_data_load_data function in jpeg-data.c in ...) - - exif <unfixed> (low; bug #681465) + - exif 0.6.20-3 (low; bug #681465) [squeeze] - exif <no-dsa> (Minor crasher) NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229 NOTE: http://seclists.org/oss-sec/2012/q3/74 @@ -2553,11 +2553,11 @@ CVE-2012-2842 (Use-after-free vulnerability in Google Chrome before 20.0.1132.57 ...) - chromium-browser <unfixed> CVE-2012-2841 (Integer underflow in the exif_entry_get_value function in exif-entry.c ...) - - libexif <unfixed> (bug #681454) + - libexif 0.6.20-3 (bug #681454) NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229 NOTE: http://seclists.org/oss-sec/2012/q3/74 CVE-2012-2840 (Off-by-one error in the exif_convert_utf16_to_utf8 function in ...) - - libexif <unfixed> (bug #681454) + - libexif 0.6.20-3 (bug #681454) NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229 NOTE: http://seclists.org/oss-sec/2012/q3/74 CVE-2012-2839 @@ -2565,11 +2565,11 @@ CVE-2012-2838 RESERVED CVE-2012-2837 (The mnote_olympus_entry_get_value function in ...) - - libexif <unfixed> (bug #681454) + - libexif 0.6.20-3 (bug #681454) NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229 NOTE: http://seclists.org/oss-sec/2012/q3/74 CVE-2012-2836 (The exif_data_load_data function in exif-data.c in the EXIF Tag ...) - - libexif <unfixed> (bug #681454) + - libexif 0.6.20-3 (bug #681454) NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229 NOTE: http://seclists.org/oss-sec/2012/q3/74 CVE-2012-2835 @@ -2615,15 +2615,15 @@ CVE-2012-2815 (Google Chrome before 20.0.1132.43 allows remote attackers to obtain ...) - chromium-browser 20.0.1132.43~r143823-1 CVE-2012-2814 (Buffer overflow in the exif_entry_format_value function in ...) - - libexif <unfixed> (bug #681454) + - libexif 0.6.20-3 (bug #681454) NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229 NOTE: http://seclists.org/oss-sec/2012/q3/74 CVE-2012-2813 (The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF ...) - - libexif <unfixed> (bug #681454) + - libexif 0.6.20-3 (bug #681454) NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229 NOTE: http://seclists.org/oss-sec/2012/q3/74 CVE-2012-2812 (The exif_entry_get_value function in exif-entry.c in the EXIF Tag ...) - - libexif <unfixed> (bug #681454) + - libexif 0.6.20-3 (bug #681454) NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229 NOTE: http://seclists.org/oss-sec/2012/q3/74 CVE-2012-2811