[Secure-testing-commits] r33355 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Apr 3 09:44:10 UTC 2015
Author: carnil
Date: 2015-04-03 09:44:10 +0000 (Fri, 03 Apr 2015)
New Revision: 33355
Modified:
data/CVE/list
Log:
Update status for CVE-2015-2326/pcre3
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-04-03 09:38:19 UTC (rev 33354)
+++ data/CVE/list 2015-04-03 09:44:10 UTC (rev 33355)
@@ -1161,9 +1161,12 @@
NOTE: Since 1:2.0.0-1 mongodb uses the system pcre3
CVE-2015-2326 [heap buffer overflow in pcre_compile2()]
RESERVED
- - pcre3 <undetermined>
+ - pcre3 <unfixed>
NOTE: http://bugs.exim.org/show_bug.cgi?id=1592
NOTE: http://vcs.pcre.org/viewvc?revision=1529&view=revision
+ NOTE: Not sure if this affects as well pcre3 <= 8.35, reproducers
+ NOTE: don't seem to lead to invalid reads. But OTOH has apparently
+ NOTE: reproduced it on Vivid through Trusty
TODO: check
CVE-2015-2325 [heap buffer overflow in compile_branch()]
RESERVED
More information about the Secure-testing-commits
mailing list