[Secure-testing-commits] r38081 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Dec 3 18:43:15 UTC 2015
Author: carnil
Date: 2015-12-03 18:43:15 +0000 (Thu, 03 Dec 2015)
New Revision: 38081
Modified:
data/CVE/list
Log:
Update status for CVE-2015-8392
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-12-03 18:21:55 UTC (rev 38080)
+++ data/CVE/list 2015-12-03 18:43:15 UTC (rev 38081)
@@ -6944,10 +6944,12 @@
TODO: check
CVE-2015-8392 (PCRE before 8.38 mishandles certain instances of the (?| substring, ...)
- pcre3 <unfixed>
+ [jessie] - pcre3 <no-dsa> (Minor issue)
+ [wheezy] - pcre3 <not-affected> (Vulnerable code introduced later)
+ [squeeze] - pcre3 <not-affected> (Vulnerable code introduced later)
NOTE: Fixed in 8.38
NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1585
NOTE: related issue to CVE-2015-8384 and CVE-2015-8395
- TODO: check
CVE-2015-8391 (The pcre_compile function in pcre_compile.c in PCRE before 8.38 ...)
- pcre3 <unfixed>
[jessie] - pcre3 <no-dsa> (Minor issue)
More information about the Secure-testing-commits
mailing list