[Secure-testing-commits] r38031 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Dec 2 05:44:56 UTC 2015
Author: carnil
Date: 2015-12-02 05:44:56 +0000 (Wed, 02 Dec 2015)
New Revision: 38031
Modified:
data/CVE/list
Log:
More CVEs for pcre3
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-12-02 05:37:55 UTC (rev 38030)
+++ data/CVE/list 2015-12-02 05:44:56 UTC (rev 38031)
@@ -6836,6 +6836,28 @@
RESERVED
CVE-2015-5703 (SQL injection vulnerability in the public key discovery API call in ...)
TODO: check
+CVE-2015-8387 [mishandles (?123) subroutine calls and related subroutine calls]
+ - pcre3 <unfixed>
+ NOTE: Fixed in 8.38
+ TODO: check
+CVE-2015-8386 [mishandles the interaction of lookbehind assertions and mutually recursive subpatterns]
+ - pcre3 <unfixed>
+ NOTE: Fixed in 8.38
+ TODO: check
+CVE-2015-8385 [mishandles the /(?|(\k'Pm')|(?'Pm'))/ pattern and related patterns with certain forward references]
+ - pcre3 <unfixed>
+ NOTE: Fixed in 8.38
+ TODO: check
+CVE-2015-8384 [mishandles the /(?J)(?'d'(?'d'\g{d}))/ pattern and related patterns with certain recursive back references]
+ - pcre3 <unfixed>
+ NOTE: related issue to CVE-2015-8392 and CVE-2015-8395
+ NOTE: Fixed in 8.38
+ TODO: check
+CVE-2015-8383 [mishandles certain repeated conditional groups]
+ - pcre3 <unfixed>
+ NOTE: Fixed in 8.38
+ NOTE: http://www.openwall.com/lists/oss-security/2015/11/29/1
+ TODO: check
CVE-2015-8382 [Information disclosure]
- pcre3 2:8.35-7.2 (bug #794589)
[jessie] - pcre3 <no-dsa> (Minor issue)
More information about the Secure-testing-commits
mailing list