stable

pcre-8.38-1.fc22

FEDORA-2015-eb896290d3 created by ppisar 8 years ago for Fedora 22

This release fixes these vulnerabilies: CVE-2015-8383, CVE-2015-8386, CVE-2015-8387, CVE-2015-8389, CVE-2015-8390, CVE-2015-8391, CVE-2015-8393, CVE-2015-8394. It also fixes compiling comments with auto-callouts, compiling expressions with negated classes in UCP mode, compiling expressions with an isolated \E between an item and its qualifier with auto-callouts, a crash in regexec() if REG_STARTEND option is set and pmatch argument is NULL, a stack overflow when formatting a 32-bit integer in pcregrep tool, compiling expressions with an empty \Q\E sequence between an item and its qualifier with auto-callouts, compiling expressions with global extended modifier that is disabled by local no-extended option at the start of the expression just after a whitespace, a possible crash in pcre_copy_named_substring() if a named substring has number greater than the space in the ovector, a buffer overflow when compiling an expression with named groups with a group that reset capture numbers, and a crash in pcre_get_substring_list() if the use of \K caused the start of the match to be earlier than the end.

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2015-eb896290d3

This update has been submitted for testing by ppisar.

8 years ago

pcre-8.38-1.fc22 ejected from the push because u"Cannot find relevant tag for pcre-8.38-1.fc22. None of ['f22-updates-testing', 'f22-updates-testing-pending'] are in [u'epel7-testing-candidate', u'dist-6E-epel-testing-candidate', u'dist-5E-epel-testing-candidate', u'f22-updates-candidate', u'f23-updates-candidate', u'f21-updates-candidate']."

8 years ago

This update has been submitted for testing by ppisar.

8 years ago
User Icon hreindl commented & provided feedback 8 years ago
karma

works for me

pcre-8.38-1.fc22 ejected from the push because u"Cannot find relevant tag for pcre-8.38-1.fc22. None of ['f22-updates-testing', 'f22-updates-testing-pending'] are in [u'epel7-testing-candidate', u'dist-6E-epel-testing-candidate', u'dist-5E-epel-testing-candidate', u'f22-updates-candidate', u'f23-updates-candidate', u'f21-updates-candidate']."

8 years ago
User Icon filiperosset commented & provided feedback 8 years ago
karma

no regressions noted

This update has been pushed to testing.

8 years ago

This update has been submitted for stable by bodhi.

8 years ago
User Icon yuwata commented & provided feedback 8 years ago
karma

works for me

This update has been pushed to stable.

8 years ago

Please login to add feedback.

Metadata
Type
security
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
8 years ago
in testing
8 years ago
in stable
8 years ago
BZ#1287614 CVE-2015-8383 pcre: Buffer overflow caused by repeated conditional group
0
0
BZ#1287615 CVE-2015-8383 pcre: Buffer overflow caused by repeated conditional group [fedora-all]
0
0
BZ#1287636 CVE-2015-8386 pcre: Buffer overflow caused by lookbehind assertion
0
0
BZ#1287639 CVE-2015-8386 pcre: Buffer overflow caused by lookbehind assertion [fedora-all]
0
0
BZ#1287646 CVE-2015-8387 pcre: Integer overflow in subroutine calls
0
0
BZ#1287647 CVE-2015-8387 pcre: Integer overflow in subroutine calls [fedora-all]
0
0
BZ#1287659 CVE-2015-8389 pcre: Infinite recursion in JIT compiler when processing certain patterns
0
0
BZ#1287660 CVE-2015-8389 pcre: Infinite recursion in JIT compiler when processing certain patterns [fedora-all]
0
0
BZ#1287666 CVE-2015-8390 pcre: Reading from uninitialized memory when processing certain patterns
0
0
BZ#1287667 CVE-2015-8390 pcre: Reading from uninitialized memory when processing certain patterns [fedora-all]
0
0
BZ#1287671 CVE-2015-8391 pcre: Some pathological patterns causes pcre_compile() to run for a very long time
0
0
BZ#1287672 CVE-2015-8391 pcre: Some pathological patterns causes pcre_compile() to run for a very long time [fedora-all]
0
0
BZ#1287695 CVE-2015-8393 pcre: Information leak when running pcgrep -q on crafted binary
0
0
BZ#1287697 CVE-2015-8393 pcre: Information leak when running pcgrep -q on crafted binary [fedora-all]
0
0
BZ#1287702 CVE-2015-8394 pcre: Integer overflow caused by missing check for certain conditions
0
0
BZ#1287703 CVE-2015-8394 pcre: Integer overflow caused by missing check for certain conditions [fedora-all]
0
0

Automated Test Results