[Secure-testing-commits] r38029 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Dec 2 05:36:03 UTC 2015
Author: carnil
Date: 2015-12-02 05:36:03 +0000 (Wed, 02 Dec 2015)
New Revision: 38029
Modified:
data/CVE/list
Log:
CVE-2015-8381/pcre3 assigned
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-12-02 05:21:25 UTC (rev 38028)
+++ data/CVE/list 2015-12-02 05:36:03 UTC (rev 38029)
@@ -179,6 +179,18 @@
[squeeze] - libiptables-parse-perl <no-dsa> (Minor issue)
NOTE: https://github.com/mtrmac/IPTables-Parse/commit/b400b976d81140f6971132e94eb7657b5b0a2b87
NOTE: http://www.openwall.com/lists/oss-security/2015/11/24/6
+CVE-2015-8381 [compile_regex function in pcre_compile.c in PCRE before 8.38]
+ - pcre3 <unfixed> (bug #796762; bug #795539)
+ [jessie] - pcre3 <no-dsa> (Minor issue)
+ [wheezy] - pcre3 <not-affected> (Vulnerable code introduced later)
+ [squeeze] - pcre3 <not-affected> (Vulnerable code introduced later)
+ NOTE: https://bugs.exim.org/show_bug.cgi?id=1672
+ NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1594
+ NOTE: http://www.openwall.com/lists/oss-security/2015/08/24/1
+ NOTE: https://bugs.exim.org/show_bug.cgi?id=1667
+ NOTE: http://www.openwall.com/lists/oss-security/2015/08/05/3
+ NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1585
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1250943
CVE-2015-8380 [heap overflow in pcre_exec]
- pcre3 <unfixed> (bug #806467)
[jessie] - pcre3 <no-dsa> (Minor issue)
@@ -4874,14 +4886,6 @@
- activemq 5.6.0+dfsg1-4 (low)
[wheezy] - activemq 5.6.0+dfsg-1+deb7u1
NOTE: http://activemq.apache.org/security-advisories.data/CVE-2014-3612-announcement.txt
-CVE-2015-XXXX [PCRE Library Heap Overflow in compile_regex()]
- - pcre3 <unfixed> (bug #796762)
- [jessie] - pcre3 <no-dsa> (Minor issue)
- [wheezy] - pcre3 <not-affected> (Vulnerable code introduced later)
- [squeeze] - pcre3 <not-affected> (Vulnerable code introduced later)
- NOTE: https://bugs.exim.org/show_bug.cgi?id=1672
- NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1594
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/08/24/1
CVE-2015-6523 (Cross-site request forgery (CSRF) vulnerability in the Portfolio ...)
NOT-FOR-US: Portfolio plugin for WordPress
CVE-2015-6522 (SQL injection vulnerability in the WP Symposium plugin before 15.8 for ...)
@@ -6737,15 +6741,6 @@
RESERVED
CVE-2014-9742
RESERVED
-CVE-2015-XXXX [PCRE Library Heap Overflow Vulnerability]
- - pcre3 <unfixed> (bug #795539)
- [jessie] - pcre3 <no-dsa> (Minor issue)
- [wheezy] - pcre3 <not-affected> (Vulnerable code possibly only introduced in 8.34 refactoring, r1359)
- [squeeze] - pcre3 <not-affected> (Vulnerable code possibly only introduced in 8.34 refactoring, r1359)
- NOTE: https://bugs.exim.org/show_bug.cgi?id=1667
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/08/05/3
- NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1585
- NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1250943
CVE-2015-5741 [other discoveries of security-relevant RFC 7230 violations]
RESERVED
- golang 2:1.4.2-4 (bug #795106)
More information about the Secure-testing-commits
mailing list