Author: anarcat Date: 2016-01-30 17:08:02 +0000 (Sat, 30 Jan 2016) New Revision: 39352
Modified: data/CVE/list Log: patches for CVE-2016-0494 and CVE-CVE-2015-4844 were reversed f556d4c82ef1 appeared later than dbb4e2bdfa9e and the latter is refered to in the redhat Bug https://bugzilla.redhat.com/show_bug.cgi?id=1273318 Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-01-30 16:32:11 UTC (rev 39351) +++ data/CVE/list 2016-01-30 17:08:02 UTC (rev 39352) @@ -4864,7 +4864,7 @@ - openjdk-7 7u95-2.6.4-1 - openjdk-6 <removed> NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1298906#c1 - NOTE: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/dbb4e2bdfa9e#l2.15 + NOTE: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/f556d4c82ef1 - icu <unfixed> NOTE: ICU not directly affected by CVE-2016-0494 itself since original patch for NOTE: CVE-2015-4844 was not yet applied. CVE-2016-0494 was introduced as part of @@ -16295,6 +16295,9 @@ NOTE: For ICU note that the original fix causes additional problems: NOTE: https://ssl.icu-project.org/trac/ticket/12020#comment:4 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1298906#c1 + NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1273318 + NOTE: see also CVE-2016-0494, introduced in through the fix for this CVE. + NOTE: patch: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/dbb4e2bdfa9e CVE-2015-4843 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...) {DSA-3381-1 DLA-346-1} - openjdk-6 <removed> _______________________________________________ Secure-testing-commits mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
