[Secure-testing-commits] r38063 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Dec 2 21:27:19 UTC 2015
Author: carnil
Date: 2015-12-02 21:27:19 +0000 (Wed, 02 Dec 2015)
New Revision: 38063
Modified:
data/CVE/list
Log:
Updated CVE-2015-8387/pcre3
Note for reviewers: not checked if squeeze-lts as well has the
vulnerability, thus not marked as well as no-dsa.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-12-02 21:16:45 UTC (rev 38062)
+++ data/CVE/list 2015-12-02 21:27:19 UTC (rev 38063)
@@ -6960,9 +6960,10 @@
TODO: check
CVE-2015-8387 (PCRE before 8.38 mishandles (?123) subroutine calls and related ...)
- pcre3 <unfixed>
+ [jessie] - pcre3 <no-dsa> (Minor issue)
+ [wheezy] - pcre3 <no-dsa> (Minor issue)
NOTE: Fixed in 8.38
NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1563
- TODO: check
CVE-2015-8386 (PCRE before 8.38 mishandles the interaction of lookbehind assertions ...)
- pcre3 <unfixed>
[jessie] - pcre3 <no-dsa> (Minor issue)
More information about the Secure-testing-commits
mailing list