[Secure-testing-commits] r38081 - data/CVE

Salvatore Bonaccorso Thu, 03 Dec 2015 10:44:29 -0800

Author: carnil
Date: 2015-12-03 18:43:15 +0000 (Thu, 03 Dec 2015)
New Revision: 38081


Modified:
   data/CVE/list
Log:
Update status for CVE-2015-8392

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-12-03 18:21:55 UTC (rev 38080)
+++ data/CVE/list       2015-12-03 18:43:15 UTC (rev 38081)
@@ -6944,10 +6944,12 @@
        TODO: check
 CVE-2015-8392 (PCRE before 8.38 mishandles certain instances of the (?| 
substring, ...)
        - pcre3 <unfixed>
+       [jessie] - pcre3 <no-dsa> (Minor issue)
+       [wheezy] - pcre3 <not-affected> (Vulnerable code introduced later)
+       [squeeze] - pcre3 <not-affected> (Vulnerable code introduced later)
        NOTE: Fixed in 8.38
        NOTE: http://vcs.pcre.org/pcre?view=revision&revision=1585
        NOTE: related issue to CVE-2015-8384 and CVE-2015-8395
-       TODO: check
 CVE-2015-8391 (The pcre_compile function in pcre_compile.c in PCRE before 8.38 
...)
        - pcre3 <unfixed>
        [jessie] - pcre3 <no-dsa> (Minor issue)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r38081 - data/CVE

Reply via email to