[Secure-testing-commits] r39352 - data/CVE
Antoine Beaupré
anarcat at moszumanska.debian.org
Sat Jan 30 17:08:02 UTC 2016
Author: anarcat
Date: 2016-01-30 17:08:02 +0000 (Sat, 30 Jan 2016)
New Revision: 39352
Modified:
data/CVE/list
Log:
patches for CVE-2016-0494 and CVE-CVE-2015-4844 were reversed
f556d4c82ef1 appeared later than dbb4e2bdfa9e and the latter is refered to in the redhat Bug https://bugzilla.redhat.com/show_bug.cgi?id=1273318
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-30 16:32:11 UTC (rev 39351)
+++ data/CVE/list 2016-01-30 17:08:02 UTC (rev 39352)
@@ -4864,7 +4864,7 @@
- openjdk-7 7u95-2.6.4-1
- openjdk-6 <removed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1298906#c1
- NOTE: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/dbb4e2bdfa9e#l2.15
+ NOTE: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/f556d4c82ef1
- icu <unfixed>
NOTE: ICU not directly affected by CVE-2016-0494 itself since original patch for
NOTE: CVE-2015-4844 was not yet applied. CVE-2016-0494 was introduced as part of
@@ -16295,6 +16295,9 @@
NOTE: For ICU note that the original fix causes additional problems:
NOTE: https://ssl.icu-project.org/trac/ticket/12020#comment:4
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1298906#c1
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1273318
+ NOTE: see also CVE-2016-0494, introduced in through the fix for this CVE.
+ NOTE: patch: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/dbb4e2bdfa9e
CVE-2015-4843 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
{DSA-3381-1 DLA-346-1}
- openjdk-6 <removed>
More information about the Secure-testing-commits
mailing list