touch-packages team mailing list archive

Thread
Date

[Bug 1396768] Re: pcre3 vulnerability CVE-2014-8964

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Seyeong Kim <seyeong.kim@xxxxxxxxxxxxx>
Date: Mon, 06 Jul 2015 08:43:24 -0000
Reply-to: Bug 1396768 <1396768@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Description changed:

+ SRU Justification
+ 
+ [Impact]
+ 
+ CVE-2014-8964
+ 
+ [Test Case]
+ 
+ [Regression Potential]
+ 
+ [Other Info]
+ 
  https://security-tracker.debian.org/tracker/CVE-2014-8964
  https://bugzilla.redhat.com/show_bug.cgi?id=1166147
  http://bugs.exim.org/show_bug.cgi?id=1546
  
  Requires some heavy backporting to older releases, see:
  https://bugzilla.redhat.com/show_bug.cgi?id=1166147#c2.

** Changed in: pcre3 (Ubuntu Trusty)
       Status: New => In Progress

** Changed in: pcre3 (Ubuntu Trusty)
     Assignee: (unassigned) => Seyeong Kim (xtrusia)

** Patch added: "trusty-cve-2014-8964.debdiff"
   https://bugs.launchpad.net/ubuntu/+source/pcre3/+bug/1396768/+attachment/4424951/+files/trusty-cve-2014-8964.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pcre3 in Ubuntu.
https://bugs.launchpad.net/bugs/1396768

Title:
  pcre3 vulnerability CVE-2014-8964

Status in pcre3 package in Ubuntu:
  Confirmed
Status in pcre3 source package in Precise:
  New
Status in pcre3 source package in Trusty:
  In Progress
Status in pcre3 source package in Utopic:
  New

Bug description:
  SRU Justification

  [Impact]

  CVE-2014-8964

  [Test Case]

  [Regression Potential]

  [Other Info]

  https://security-tracker.debian.org/tracker/CVE-2014-8964
  https://bugzilla.redhat.com/show_bug.cgi?id=1166147
  http://bugs.exim.org/show_bug.cgi?id=1546

  Requires some heavy backporting to older releases, see:
  https://bugzilla.redhat.com/show_bug.cgi?id=1166147#c2.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pcre3/+bug/1396768/+subscriptions