[Bug 1396768] Re: pcre3 vulnerability CVE-2014-8964

Mon, 20 Jul 2015 18:26:56 -0700 

** Changed in: pcre3 (Ubuntu)
     Assignee: (unassigned) => Seyeong Kim (xtrusia)

** Changed in: pcre3 (Ubuntu)
     Assignee: Seyeong Kim (xtrusia) => (unassigned)

** Patch added: "wily-cve-2015.debdiff"
   
https://bugs.launchpad.net/ubuntu/trusty/+source/pcre3/+bug/1396768/+attachment/4431778/+files/wily-cve-2015.debdiff

** Patch removed: "utopic-cve-2014-8964.debdiff"
   
https://bugs.launchpad.net/ubuntu/trusty/+source/pcre3/+bug/1396768/+attachment/4424961/+files/utopic-cve-2014-8964.debdiff

** Patch removed: "trusty-cve-2014-8964.debdiff"
   
https://bugs.launchpad.net/ubuntu/trusty/+source/pcre3/+bug/1396768/+attachment/4424951/+files/trusty-cve-2014-8964.debdiff

** Description changed:

  SRU Justification
  
  [Impact]
  
  CVE-2014-8964
+ CVE-2015-2325
+ CVE-2015-2326
+ CVE-2015-3210
+ CVE-2015-5073
  
  [Test Case]
  
  [Regression Potential]
  
  [Other Info]
  
+ CVE-2014-8964
+ 
  https://security-tracker.debian.org/tracker/CVE-2014-8964
  https://bugzilla.redhat.com/show_bug.cgi?id=1166147
  http://bugs.exim.org/show_bug.cgi?id=1546
  
  Requires some heavy backporting to older releases, see:
  https://bugzilla.redhat.com/show_bug.cgi?id=1166147#c2.
+ 
+ CVE-2015-2325
+ 
+ https://security-tracker.debian.org/tracker/CVE-2015-2325
+ http://bugs.exim.org/show_bug.cgi?id=1591
+ http://vcs.pcre.org/pcre?view=revision&revision=1528
+ 
+ CVE-2015-2326
+ 
+ https://security-tracker.debian.org/tracker/CVE-2015-2326
+ http://bugs.exim.org/show_bug.cgi?id=1592
+ http://vcs.pcre.org/pcre?view=revision&revision=1529
+ 
+ CVE-2015-3210
+ 
+ https://security-tracker.debian.org/tracker/CVE-2015-3210
+ https://bugs.exim.org/show_bug.cgi?id=1636
+ http://vcs.pcre.org/pcre?view=revision&revision=1558
+ 
+ CVE-2015-5073
+ 
+ https://security-tracker.debian.org/tracker/CVE-2015-5073
+ https://bugs.exim.org/show_bug.cgi?id=1651
+ http://vcs.pcre.org/pcre?view=revision&revision=1571

** Summary changed:

- pcre3 vulnerability CVE-2014-8964
+ pcre3 vulnerability CVE-2014, 2015

** Changed in: pcre3 (Ubuntu)
     Assignee: (unassigned) => Seyeong Kim (xtrusia)

** Changed in: pcre3 (Ubuntu)
       Status: Confirmed => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1396768

Title:
  pcre3 vulnerability CVE-2014, 2015

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pcre3/+bug/1396768/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to