[Secure-testing-commits] r34220 - data/CVE
Alessandro Ghedini
ghedo at moszumanska.debian.org
Tue May 12 21:02:20 UTC 2015
Author: ghedo
Date: 2015-05-12 21:02:20 +0000 (Tue, 12 May 2015)
New Revision: 34220
Modified:
data/CVE/list
Log:
Add links to patches for CVE-2014-814{6,7}/icu issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-05-12 20:54:04 UTC (rev 34219)
+++ data/CVE/list 2015-05-12 21:02:20 UTC (rev 34220)
@@ -14990,6 +14990,7 @@
[jessie] - chromium-browser 42.0.2311.135-1~deb8u1
[wheezy] - chromium-browser <not-affected> (Vulnerable code not present)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
+ NOTE: Patch: http://bugs.icu-project.org/trac/changeset/37080
CVE-2014-8146 [Heap overflow]
RESERVED
- icu 52.1-9 (bug #784773)
@@ -14998,6 +14999,8 @@
[jessie] - chromium-browser 42.0.2311.135-1~deb8u1
[wheezy] - chromium-browser <not-affected> (Vulnerable code not present)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
+ NOTE: Patch: http://bugs.icu-project.org/trac/changeset/37162
+ NOTE: The upstream patch doesn't seem to properly fix the issue.
CVE-2014-8145 (Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 ...)
{DSA-3112-1 DLA-128-1}
- sox 14.4.1-5 (bug #773720)
More information about the Secure-testing-commits
mailing list