retitle 775884 CVE-2014-6591 CVE-2014-6585 thanks On Wed, Jan 21, 2015 at 07:36:51AM +0100, Moritz Muehlenhoff wrote: > Package: icu > Severity: important > Tags: security > > Hi, > the issue CVE-2014-6585 from today's Oracle patch update > (http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html) > is actually a vulnerability in ICU (since Java embeds a copy). Red Hat > has tracked this down further and isolated the patch, please see > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6591 for more > details. The patch isn't in ICU trunk yet, so please forward it > upstream unless they are not aware of it yet. It would be nice to > get that fixed in jessie.
Actually there's another one: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6591 Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
