[Secure-testing-commits] r40609 - in data: . CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Mar 28 17:24:04 UTC 2016
Author: carnil
Date: 2016-03-28 17:24:04 +0000 (Mon, 28 Mar 2016)
New Revision: 40609
Modified:
data/CVE/list
data/next-point-update.txt
Log:
CVE assigned for pcre3 issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-28 17:14:45 UTC (rev 40608)
+++ data/CVE/list 2016-03-28 17:24:04 UTC (rev 40609)
@@ -1,10 +1,10 @@
-CVE-2016-XXXX [Segmentation fault on certain input to regular expressions with nested alternatives when JIT is used]
+CVE-2014-9769 [Segmentation fault on certain input to regular expressions with nested alternatives when JIT is used]
- pcre3 2:8.38-1 (bug #819050)
[jessie] - pcre3 <no-dsa> (Minor issue, can be fixed via point release)
[wheezy] - pcre3 <not-affected> (Vulnerable code not present)
NOTE: Upstream fix: http://vcs.pcre.org/pcre?view=revision&revision=1475 (8.36)
NOTE: Introduced in: http://vcs.pcre.org/pcre?view=revision&revision=1434 (8.35)
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/03/26/1
+ NOTE: http://www.openwall.com/lists/oss-security/2016/03/26/1
CVE-2016-3671
RESERVED
CVE-2016-3670
Modified: data/next-point-update.txt
===================================================================
--- data/next-point-update.txt 2016-03-28 17:14:45 UTC (rev 40608)
+++ data/next-point-update.txt 2016-03-28 17:24:04 UTC (rev 40609)
@@ -81,7 +81,7 @@
[jessie] - pcre3 2:8.35-3.3+deb8u3
CVE-2016-1283
[jessie] - pcre3 2:8.35-3.3+deb8u3
-CVE-2016-XXXX [Segmentation fault on certain input to regular expressions with nested alternatives when JIT is used]
+CVE-2014-9769
[jessie] - pcre3 2:8.35-3.3+deb8u4
CVE-2015-7557
[jessie] - librsvg 2.40.5-1+deb8u1
More information about the Secure-testing-commits
mailing list