[Secure-testing-commits] r32233 - data/CVE
Luciano Bello
luciano at moszumanska.debian.org
Sat Feb 14 15:01:48 UTC 2015
Author: luciano
Date: 2015-02-14 15:01:48 +0000 (Sat, 14 Feb 2015)
New Revision: 32233
Modified:
data/CVE/list
Log:
regex vuln - (partial)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-02-14 13:30:24 UTC (rev 32232)
+++ data/CVE/list 2015-02-14 15:01:48 UTC (rev 32233)
@@ -59,6 +59,32 @@
TODO: check
CVE-2015-1569 (Fortinet FortiClient 5.2.028 for iOS does not validate certificates, ...)
TODO: check
+CVE-2015-XXXX [Henry Spencer regular expressions (regex) library contains a heap overflow vulnerability]
+ - php5 <unfixed> (bug #778389)
+ - olsrd <unfixed> (bug #778390)
+ - llvm-toolchain-3.4 <unfixed> (bug #778391)
+ - llvm-toolchain-3.5 <unfixed> (bug #778392)
+ - llvm-toolchain-3.6 <unfixed> (bug #778393)
+ - llvm-toolchain-snapshot <unfixed> (bug #778394)
+ - haskell-regex-posix <unfixed> (bug #778395)
+ - cups <unfixed> (bug #778396)
+ - librcsb-core-wrapper <unfixed> (bug #778397)
+ - openrpt <unfixed> (bug #778398)
+ - z88dk <unfixed> (bug #778399)
+ - newlib <unfixed>
+ - yap <unfixed>
+ - vnc4 <unfixed> (bug #778403)
+ - sma <unfixed>
+ - clamav <unfixed>
+ - knews <unfixed> (bug #778401)
+ - radare2 <unfixed> (bug #778402)
+ - efl <unfixed>
+ - ptlib <unfixed>
+ - alpine <unfixed>
+ - vigor <unfixed>
+ - nvi <unfixed>
+ NOTE: http://www.kb.cert.org/vuls/id/695940
+ NOTE: https://guidovranken.wordpress.com/2015/02/04/full-disclosure-heap-overflow-in-h-spencers-regex-library-on-32-bit-systems/
CVE-2015-XXXX [insecure storage of password]
- nut <unfixed> (bug #777706)
CVE-2015-XXXX [command injection vulnerability]
More information about the Secure-testing-commits
mailing list