libpcre3 < 7.6 is vulnerable to a buffer overflow resulting in remote code execution bug
Bug #193230 reported by
Adna rim
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
pcre3 (Gentoo Linux) |
Fix Released
|
High
|
|||
pcre3 (Ubuntu) |
Fix Released
|
Undecided
|
Kees Cook |
Bug Description
Hi,
again there is a big bug in libpcre3 which can cause a buffer overflow and lead to remote code execution.
Here's the changelog: http://
CVE References
description: | updated |
Changed in pcre3: | |
status: | Unknown → In Progress |
Changed in pcre3: | |
status: | In Progress → Fix Released |
Changed in pcre3 (Gentoo Linux): | |
importance: | Unknown → High |
To post a comment you must log in.
dev-libs/ libpcre- 7.6 fixes a buffer overflow issue:
----
1. A character class containing a very large number of characters with
codepoints greater than 255 (in UTF-8 mode, of course) caused a buffer
overflow.
----
Ebuild should be in the tree soon (thanks to Opfer), see the other bug for details.