[Secure-testing-commits] r31721 - data/CVE
Raphaël Hertzog
hertzog at moszumanska.debian.org
Tue Jan 27 09:37:26 UTC 2015
Author: hertzog
Date: 2015-01-27 09:37:06 +0000 (Tue, 27 Jan 2015)
New Revision: 31721
Modified:
data/CVE/list
Log:
Mark CVE-2015-1345 as not affecting grep on squeeze/wheezy
The problem has been introduced in v2.18-90-g73893ff (i.e. 2.18
and lower are not affected, and 2.19 is the first affected release).
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-27 09:17:35 UTC (rev 31720)
+++ data/CVE/list 2015-01-27 09:37:06 UTC (rev 31721)
@@ -466,7 +466,9 @@
NOTE: libv8 not covered by security support
CVE-2015-1345 [heap buffer overrun]
RESERVED
- - grep <unfixed> (bug #776039)
+ - grep <unfixed> (low; bug #776039)
+ [squeeze] - grep <not-affected> (Issue introduced with v2.18-90-g73893ff)
+ [wheezy] - grep <not-affected> (Issue introduced with v2.18-90-g73893ff)
NOTE: http://bugs.gnu.org/19563
NOTE: Upstream fix: http://git.sv.gnu.org/cgit/grep.git/commit/?id=83a95bd8c8561875b948cadd417c653dbe7ef2e2
CVE-2014-XXXX [formail: memory corruption]
More information about the Secure-testing-commits
mailing list