Summary: | dev-libs/icu: Multiple vulnerabilities CVE-2017-7867, CVE-2017-7868 | ||||||
---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Andrey Ovcharov <sudormrfhalt> | ||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||
Status: | RESOLVED DUPLICATE | ||||||
Severity: | normal | CC: | office, phmagic | ||||
Priority: | Normal | ||||||
Version: | unspecified | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | A2 [stable?] | ||||||
Package list: | Runtime testing required: | --- | |||||
Attachments: |
|
Description
Andrey Ovcharov
2017-05-28 12:26:31 UTC
From the first analysis: CVE-2017-7867 is not in in 58.1 but it is in 58.2 CVE-2017-7868 is in each release and should be fixed in 59.1 (In reply to Agostino Sarubbo from comment #1) > From the first analysis: > > CVE-2017-7867 is not in in 58.1 but it is in 58.2 > CVE-2017-7868 is in each release and should be fixed in 59.1 Debian is listing the same changeset (https://ssl.icu-project.org/trac/changeset/39671) for both vulnerabilities. But your posting indicates that each vulnerability requires an own patch. Can you please clarify where your analysis is based on? Thanks. Scratch the previous question, another dupe. *** This bug has been marked as a duplicate of bug 616468 *** |