NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/exiv2: annotate CVE-2019-13504

Browse Source 
CVE-2019-13504 is misclassified (by our CVE tracker) as affecting
version 0.27.2, while in fact both commits that fixed this issue are
already in this version: bd0afe039043 and 54f0bebca032.

(From: https://security-tracker.debian.org/tracker/CVE-2019-13504)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This commit is contained in:
Fabrice Fontaine 2020-02-29 22:32:02 +01:00 committed by Yann E. MORIN
parent d8be0e4cd4
commit 4815bbc7b0
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
package/exiv2/exiv2.mk
View File

@ -10,6 +10,11 @@ EXIV2_INSTALL_STAGING = YES
EXIV2_LICENSE = GPL-2.0+, BSD-3-Clause
EXIV2_LICENSE_FILES = COPYING COPYING-CMAKE-SCRIPTS
# CVE-2019-13504 is misclassified (by our CVE tracker) as affecting version
# 0.27.2, while in fact both commits that fixed this issue are already in this
# version.
EXIV2_IGNORE_CVES += CVE-2019-13504
# 0001-crwimage-Check-offset-and-size-against-total-size.patch
EXIV2_IGNORE_CVES += CVE-2019-17402