[Secure-testing-commits] r34536 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue May 26 21:47:48 UTC 2015
Author: jmm
Date: 2015-05-26 21:47:48 +0000 (Tue, 26 May 2015)
New Revision: 34536
Modified:
data/CVE/list
Log:
one pcre issue no-dsa, the other n/a for jessie
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-05-26 21:10:16 UTC (rev 34535)
+++ data/CVE/list 2015-05-26 21:47:48 UTC (rev 34536)
@@ -4603,6 +4603,7 @@
CVE-2015-2326 [heap buffer overflow in pcre_compile2()]
RESERVED
- pcre3 <unfixed> (bug #783285)
+ [jessie] - pcre3 <no-dsa> (Minor issue)
[wheezy] - pcre3 <not-affected> (Vulnerable code introuced while refactoring between 8.33 and 8.36)
[squeeze] - pcre3 <not-affected> (Vulnerable code introuced while refactoring between 8.33 and 8.36)
NOTE: http://bugs.exim.org/show_bug.cgi?id=1592
@@ -4612,6 +4613,7 @@
CVE-2015-2325 [heap buffer overflow in compile_branch()]
RESERVED
- pcre3 <unfixed> (bug #781795)
+ [jessie] - pcre3 <not-affected> (Fixed earlier, reproducer fails)
NOTE: http://bugs.exim.org/show_bug.cgi?id=1591
NOTE: http://vcs.pcre.org/viewvc?revision=1528&view=revision
NOTE: Reproducer leads to "Failed: internal error: previously-checked referenced subpattern not found at offset 17"
More information about the Secure-testing-commits
mailing list