Author: ghedo Date: 2015-07-21 17:05:54 +0000 (Tue, 21 Jul 2015) New Revision: 35603
Modified: data/CVE/list Log: Add new temporary icu issue related to CVE-2014-8146 Modified: data/CVE/list =================================================================== --- data/CVE/list 2015-07-21 15:16:54 UTC (rev 35602) +++ data/CVE/list 2015-07-21 17:05:54 UTC (rev 35603) @@ -1,3 +1,6 @@ +CVE-2015-XXXX [more to CVE-2014-8146] + - icu <unfixed> + NOTE: https://bugs.mageia.org/show_bug.cgi?id=15852#c2 CVE-2015-XXXX [integer overflow] - freexl 1.0.2-1 [jessie] - freexl 1.0.0g-1+deb8u2 @@ -20034,7 +20037,6 @@ [wheezy] - chromium-browser <not-affected> (Vulnerable code not present) [squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS) NOTE: Patch: http://bugs.icu-project.org/trac/changeset/37162 - NOTE: The upstream patch doesn't seem to properly fix the issue. CVE-2014-8145 (Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 ...) {DSA-3112-1 DLA-128-1} - sox 14.4.1-5 (bug #773720) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
