[Secure-testing-commits] r44441 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Sep 9 05:53:34 UTC 2016
Author: carnil
Date: 2016-09-09 05:53:34 +0000 (Fri, 09 Sep 2016)
New Revision: 44441
Modified:
data/CVE/list
Log:
Update information for CVE-2015-4844 and CVE-2016-0494 for icu, thanks gcs triaging and confiramtion
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-09 05:23:49 UTC (rev 44440)
+++ data/CVE/list 2016-09-09 05:53:34 UTC (rev 44441)
@@ -22228,7 +22228,7 @@
- openjdk-6 <removed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1298906#c1
NOTE: Upstream commit for OpenJDK: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/f556d4c82ef1
- - icu <unfixed>
+ - icu 57.1-4
NOTE: ICU not directly affected by CVE-2016-0494 itself since original patch for
NOTE: CVE-2015-4844 was not yet applied. CVE-2016-0494 was introduced as part of
NOTE: the CVE-2015-4844 fix.
@@ -33850,7 +33850,7 @@
- openjdk-6 <removed>
- openjdk-7 7u85-2.6.1-6
- openjdk-8 8u66-b17-1
- - icu <unfixed>
+ - icu 57.1-1.1
NOTE: http://bugs.icu-project.org/trac/ticket/12020
NOTE: For ICU note that the original fix causes additional problems:
NOTE: https://ssl.icu-project.org/trac/ticket/12020#comment:4
More information about the Secure-testing-commits
mailing list