Advertisement
Home arrow ITsec Advisories arrow Fedora 8 Update: pcre-7.3-3.fc8
Sunday, 23 November 2008
  
 
Last week attacks
O.S.  Defs.  %
Linux  8778  71.58%
Win 2003  1950  15.90%
Win 2000  722  5.89%
Solaris 9/10  402  3.28%
FreeBSD  226  1.84%
Other  185  1.51%

Total attacks: 12263 of which 4619 single ip and 7644 mass defacements

Main Menu
Home
Digital Warfare
Geopolitics
ITsec News
ITsec Advisories
Test Drive
360°
Digital Attacks Archive
Zone-H events
Publications
Zone-H Friends/Partners
Contact Us
Search
Download Area
Zone-H forum
About this website
Login Form





Lost Password?
No account yet? Register
Visitors' Map
Fedora 8 Update: pcre-7.3-3.fc8 PDF Print E-mail
User Rating: / 0
PoorBest 
Written by Staff   
Tuesday, 19 February 2008
Name : pcre
Product : Fedora 8
Version : 7.3
Release : 3.fc8
URL : http://www.pcre.org/
Summary : Perl-compatible regular expression library
Description :
Perl-compatible regular expression library.
PCRE has its own native API, but a set of "wrapper" functions that are based on the POSIX API are also supplied in the library libpcreposix. Note that thisjust provides a POSIX calling interface to PCRE: the regular expressionsthemselves still follow Perl syntax and semantics...

The header filefor the POSIX-style functions i  called pcreposix.h.

Update Information:
This update addresses buffer overflow caused by a character class containing a very large number of characters with codepoints greater than 255 (in UTF-8 mode)

- CVE-2008-0674, #431660 This issue may affect usages of pcre, when regular expressions from untrusted sources are compiled. Handling of untrusted data using trusted regular expressions is not affected by this problem.

ChangeLog:

* Tue Feb 12 2008 Tomas Hoger <thoger redhat com> - 7.3-3
- Backport patch from upstream pcre 7.6 to address buffer overflow caused by "a character class containing a very large number of characters with codepoints greater than 255 (in UTF-8 mode)"
CVE-2008-0674, #431660
- Try re-enabling make check again.
* Fri Nov 16 2007 Stepan Kasal <skasal redhat com> - 7.3-2
- Remove obsolete ``reqs''
- add dist tag
- update BuildRoot

References:

[ 1 ] Bug #431660 - pcre: buffer overflow via large UTF-8 character class
https://bugzilla.redhat.com/show_bug.cgi?id=431660

This update can be installed with the "yum" update program. Use  su -c 'yum update pcre' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/key

Original Article:
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00632.html


Comments Index (Total Messages: 0)


Post Reply
Name:Guest
Title:
Comment:



Enter this security word

Powered by a Zone-H(ified) version of AkoComment 3.0!


DISCLAIMER: Forum postings are the opinion of the posting author alone, and should not be taken as the opinion of Zone-h. The   author is entirely and solely responsible for all content that he/she uploads, posts, or otherwise transmits via the website. Zone-h is not responsible for such content. However, Zone-h shall have the right, but not the obligation, to delete, move, or edit any content that violates this agreement or is otherwise objectionable as determined by Zone-h in its sole discretion and without notice.
 
< Prev   Next >
[ Back ]
 
Top!
© 2008 Zone-H.org - Unrestricted Information
Joomla! is Free Software released under the GNU/GPL License.
 Top!