touch-packages team mailing list archive

Thread
Date

[Bug 1396768] Re: pcre3 vulnerability CVE-2014-8964

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Seth Arnold <1396768@xxxxxxxxxxxxxxxxxx>
Date: Wed, 26 Nov 2014 20:59:22 -0000
Reply-to: Bug 1396768 <1396768@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Information type changed from Private Security to Public Security

** Changed in: pcre3 (Ubuntu)
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pcre3 in Ubuntu.
https://bugs.launchpad.net/bugs/1396768

Title:
  pcre3 vulnerability CVE-2014-8964

Status in “pcre3” package in Ubuntu:
  Confirmed

Bug description:
  https://security-tracker.debian.org/tracker/CVE-2014-8964
  https://bugzilla.redhat.com/show_bug.cgi?id=1166147
  http://bugs.exim.org/show_bug.cgi?id=1546

  Requires some heavy backporting to older releases, see:
  https://bugzilla.redhat.com/show_bug.cgi?id=1166147#c2.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pcre3/+bug/1396768/+subscriptions