[Secure-testing-commits] r40609 - in data: . CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Mar 28 17:24:04 UTC 2016


Author: carnil
Date: 2016-03-28 17:24:04 +0000 (Mon, 28 Mar 2016)
New Revision: 40609

Modified:
   data/CVE/list
   data/next-point-update.txt
Log:
CVE assigned for pcre3 issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-03-28 17:14:45 UTC (rev 40608)
+++ data/CVE/list	2016-03-28 17:24:04 UTC (rev 40609)
@@ -1,10 +1,10 @@
-CVE-2016-XXXX [Segmentation fault on certain input to regular  expressions with nested alternatives when JIT is used]
+CVE-2014-9769 [Segmentation fault on certain input to regular  expressions with nested alternatives when JIT is used]
 	- pcre3 2:8.38-1 (bug #819050)
 	[jessie] - pcre3 <no-dsa> (Minor issue, can be fixed via point release)
 	[wheezy] - pcre3 <not-affected> (Vulnerable code not present)
 	NOTE: Upstream fix: http://vcs.pcre.org/pcre?view=revision&revision=1475 (8.36)
 	NOTE: Introduced in: http://vcs.pcre.org/pcre?view=revision&revision=1434 (8.35)
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/03/26/1
+	NOTE: http://www.openwall.com/lists/oss-security/2016/03/26/1
 CVE-2016-3671
 	RESERVED
 CVE-2016-3670

Modified: data/next-point-update.txt
===================================================================
--- data/next-point-update.txt	2016-03-28 17:14:45 UTC (rev 40608)
+++ data/next-point-update.txt	2016-03-28 17:24:04 UTC (rev 40609)
@@ -81,7 +81,7 @@
 	[jessie] - pcre3 2:8.35-3.3+deb8u3
 CVE-2016-1283
 	[jessie] - pcre3 2:8.35-3.3+deb8u3
-CVE-2016-XXXX [Segmentation fault on certain input to regular  expressions with nested alternatives when JIT is used]
+CVE-2014-9769
 	[jessie] - pcre3 2:8.35-3.3+deb8u4
 CVE-2015-7557
 	[jessie] - librsvg 2.40.5-1+deb8u1




More information about the Secure-testing-commits mailing list