[Secure-testing-commits] r35603 - data/CVE
Alessandro Ghedini
ghedo at moszumanska.debian.org
Tue Jul 21 17:05:54 UTC 2015
Author: ghedo
Date: 2015-07-21 17:05:54 +0000 (Tue, 21 Jul 2015)
New Revision: 35603
Modified:
data/CVE/list
Log:
Add new temporary icu issue related to CVE-2014-8146
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-07-21 15:16:54 UTC (rev 35602)
+++ data/CVE/list 2015-07-21 17:05:54 UTC (rev 35603)
@@ -1,3 +1,6 @@
+CVE-2015-XXXX [more to CVE-2014-8146]
+ - icu <unfixed>
+ NOTE: https://bugs.mageia.org/show_bug.cgi?id=15852#c2
CVE-2015-XXXX [integer overflow]
- freexl 1.0.2-1
[jessie] - freexl 1.0.0g-1+deb8u2
@@ -20034,7 +20037,6 @@
[wheezy] - chromium-browser <not-affected> (Vulnerable code not present)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
NOTE: Patch: http://bugs.icu-project.org/trac/changeset/37162
- NOTE: The upstream patch doesn't seem to properly fix the issue.
CVE-2014-8145 (Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 ...)
{DSA-3112-1 DLA-128-1}
- sox 14.4.1-5 (bug #773720)
More information about the Secure-testing-commits
mailing list