ELSA-2016-1025

ELSA-2016-1025 - pcre security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2016-05-11

Description


[8.32-15.1]
- Fix CVE-2015-2328 (infinite recursion compiling pattern with recursive
reference in a group with indefinite repeat) (bug #1330508)
- Fix CVE-2015-8385 (buffer overflow caused by named forward reference to
duplicate group number) (bug #1330508)
- Fix CVE-2015-8386 (buffer overflow caused by lookbehind assertion)
(bug #1330508)
- Fix CVE-2015-3217 (stack overflow caused by mishandled group empty match)
(bug #1330508)
- Fix CVE-2015-5073 and CVE-2015-8388 (buffer overflow for forward reference
within backward assertion with excess closing parenthesis) (bug #1330508)
- Fix CVE-2015-8391 (inefficient posix character class syntax check)
(bug #1330508)
- Fix CVE-2016-3191 (workspace overflow for (*ACCEPT) with deeply nested
parentheses) (bug #1330508)


Related CVEs


CVE-2015-2328
CVE-2015-8386
CVE-2015-8388
CVE-2015-3217
CVE-2015-5073
CVE-2015-8385
CVE-2015-8391
CVE-2016-3191

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) pcre-8.32-15.el7_2.1.src.rpm5fe5a9ea16d1fa56fc3e2bc7d0d71e2fELBA-2017-1909
pcre-8.32-15.el7_2.1.i686.rpmc0e6d36d7a2e10b9ed645d198266a0bdELBA-2017-1909
pcre-8.32-15.el7_2.1.x86_64.rpmcf75f2adedb28d8dcb695e97f85f387aELBA-2017-1909
pcre-devel-8.32-15.el7_2.1.i686.rpme32056084c528b47be05f2184d70d811ELBA-2017-1909
pcre-devel-8.32-15.el7_2.1.x86_64.rpm30e2ec4990cdc18b5e0392147a5526bfELBA-2017-1909
pcre-static-8.32-15.el7_2.1.i686.rpm7c3d848d30f10fa5eaf78bc69b6cacdeELBA-2017-1909
pcre-static-8.32-15.el7_2.1.x86_64.rpm50e9c9a9d053fa6068e8ce26ecb1ee64ELBA-2017-1909
pcre-tools-8.32-15.el7_2.1.x86_64.rpm9fdc55aab56a862378294885b9b8e2a5ELBA-2017-1909



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete