touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #91187
[Bug 1396768] Re: pcre3 vulnerability CVE-2014-8964
** Changed in: pcre3 (Ubuntu)
Assignee: (unassigned) => Seyeong Kim (xtrusia)
** Changed in: pcre3 (Ubuntu)
Assignee: Seyeong Kim (xtrusia) => (unassigned)
** Patch added: "wily-cve-2015.debdiff"
https://bugs.launchpad.net/ubuntu/trusty/+source/pcre3/+bug/1396768/+attachment/4431778/+files/wily-cve-2015.debdiff
** Patch removed: "utopic-cve-2014-8964.debdiff"
https://bugs.launchpad.net/ubuntu/trusty/+source/pcre3/+bug/1396768/+attachment/4424961/+files/utopic-cve-2014-8964.debdiff
** Patch removed: "trusty-cve-2014-8964.debdiff"
https://bugs.launchpad.net/ubuntu/trusty/+source/pcre3/+bug/1396768/+attachment/4424951/+files/trusty-cve-2014-8964.debdiff
** Description changed:
SRU Justification
[Impact]
CVE-2014-8964
+ CVE-2015-2325
+ CVE-2015-2326
+ CVE-2015-3210
+ CVE-2015-5073
[Test Case]
[Regression Potential]
[Other Info]
+ CVE-2014-8964
+
https://security-tracker.debian.org/tracker/CVE-2014-8964
https://bugzilla.redhat.com/show_bug.cgi?id=1166147
http://bugs.exim.org/show_bug.cgi?id=1546
Requires some heavy backporting to older releases, see:
https://bugzilla.redhat.com/show_bug.cgi?id=1166147#c2.
+
+ CVE-2015-2325
+
+ https://security-tracker.debian.org/tracker/CVE-2015-2325
+ http://bugs.exim.org/show_bug.cgi?id=1591
+ http://vcs.pcre.org/pcre?view=revision&revision=1528
+
+ CVE-2015-2326
+
+ https://security-tracker.debian.org/tracker/CVE-2015-2326
+ http://bugs.exim.org/show_bug.cgi?id=1592
+ http://vcs.pcre.org/pcre?view=revision&revision=1529
+
+ CVE-2015-3210
+
+ https://security-tracker.debian.org/tracker/CVE-2015-3210
+ https://bugs.exim.org/show_bug.cgi?id=1636
+ http://vcs.pcre.org/pcre?view=revision&revision=1558
+
+ CVE-2015-5073
+
+ https://security-tracker.debian.org/tracker/CVE-2015-5073
+ https://bugs.exim.org/show_bug.cgi?id=1651
+ http://vcs.pcre.org/pcre?view=revision&revision=1571
** Summary changed:
- pcre3 vulnerability CVE-2014-8964
+ pcre3 vulnerability CVE-2014, 2015
** Changed in: pcre3 (Ubuntu)
Assignee: (unassigned) => Seyeong Kim (xtrusia)
** Changed in: pcre3 (Ubuntu)
Status: Confirmed => In Progress
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pcre3 in Ubuntu.
https://bugs.launchpad.net/bugs/1396768
Title:
pcre3 vulnerability CVE-2014, 2015
Status in pcre3 package in Ubuntu:
In Progress
Status in pcre3 source package in Precise:
New
Status in pcre3 source package in Trusty:
In Progress
Status in pcre3 source package in Utopic:
In Progress
Bug description:
SRU Justification
[Impact]
CVE-2014-8964
CVE-2015-2325
CVE-2015-2326
CVE-2015-3210
CVE-2015-5073
[Test Case]
[Regression Potential]
[Other Info]
CVE-2014-8964
https://security-tracker.debian.org/tracker/CVE-2014-8964
https://bugzilla.redhat.com/show_bug.cgi?id=1166147
http://bugs.exim.org/show_bug.cgi?id=1546
Requires some heavy backporting to older releases, see:
https://bugzilla.redhat.com/show_bug.cgi?id=1166147#c2.
CVE-2015-2325
https://security-tracker.debian.org/tracker/CVE-2015-2325
http://bugs.exim.org/show_bug.cgi?id=1591
http://vcs.pcre.org/pcre?view=revision&revision=1528
CVE-2015-2326
https://security-tracker.debian.org/tracker/CVE-2015-2326
http://bugs.exim.org/show_bug.cgi?id=1592
http://vcs.pcre.org/pcre?view=revision&revision=1529
CVE-2015-3210
https://security-tracker.debian.org/tracker/CVE-2015-3210
https://bugs.exim.org/show_bug.cgi?id=1636
http://vcs.pcre.org/pcre?view=revision&revision=1558
CVE-2015-5073
https://security-tracker.debian.org/tracker/CVE-2015-5073
https://bugs.exim.org/show_bug.cgi?id=1651
http://vcs.pcre.org/pcre?view=revision&revision=1571
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pcre3/+bug/1396768/+subscriptions