[Secure-testing-commits] r38056 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Dec 2 17:40:48 UTC 2015
Author: carnil
Date: 2015-12-02 17:40:48 +0000 (Wed, 02 Dec 2015)
New Revision: 38056
Modified:
data/CVE/list
Log:
Correct information for CVE-2015-8383 and mark as no-dsa for jessie
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-12-02 17:22:56 UTC (rev 38055)
+++ data/CVE/list 2015-12-02 17:40:48 UTC (rev 38056)
@@ -6979,12 +6979,13 @@
TODO: check
CVE-2015-8383 [mishandles certain repeated conditional groups]
- pcre3 <unfixed>
+ [jessie] - pcre3 <no-dsa> (Minor issue)
[wheezy] - pcre3 <not-affected> (vulnerable coded introduce in 8.34)
[squeeze] - pcre3 <not-affected> (vulnerable code introduced in 8.34)
NOTE: Fixed in 8.38
NOTE: http://www.openwall.com/lists/oss-security/2015/11/29/1
NOTE: Fixed by http://vcs.pcre.org/pcre?view=revision&revision=1557
- NOTE: Introduced by http://vcs.pcre.org/pcre?view=revision&revision=1394
+ NOTE: Introduced by/first bad commit: http://vcs.pcre.org/pcre?view=revision&revision=1365
CVE-2015-8382 [Information disclosure]
- pcre3 2:8.35-7.2 (bug #794589)
[jessie] - pcre3 <no-dsa> (Minor issue)
More information about the Secure-testing-commits
mailing list