Linux Security
Linux Security
Linux Security

Debian: pcre3 fix arbitrary code execution DSA-800-1

Date 02 Sep 2005
Posted By LinuxSecurity Advisories
Updated package.
- --------------------------------------------------------------------------
Debian Security Advisory DSA 800-1                     This email address is being protected from spambots. You need JavaScript enabled to view it.                             Martin Schulze
September 2nd, 2005           
- --------------------------------------------------------------------------

Package        : pcre3
Vulnerability  : integer overflow
Problem-Type   : depends on use
Debian-specific: no
CVE ID         : CAN-2005-2491
BugTraq ID     : 14620
Debian Bug     : 324531

An integer overflow with subsequent buffer overflow has been detected
in PCRE, the Perl Compatible Regular Expressions library, which allows
an attacker to execute arbitrary code.

Since several packages link dynamically to this library you are
advised to restart the corresponding services or programs
respectively.  The command ``apt-caches showpkg libpcre3'' will list
the corresponding packages in the "Reverse Depends:" section.

For the old stable distribution (woody) this problem has been fixed in
version 3.4-1.1woody1.

For the stable distribution (sarge) this problem has been fixed in
version 4.5-1.2sarge1.

For the unstable distribution (sid) this problem has been fixed in
version 6.3-1.

We recommend that you upgrade your libpcre3 package.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:
      Size/MD5 checksum:      546 f20fefc57bb56bfa6cf32d9c18a7add4
      Size/MD5 checksum:    49801 b69439f16a83c75f4afdad1bc87e0983
      Size/MD5 checksum:   296708 75918d0111f592097939a7b8c490dcd0

  Alpha architecture:
      Size/MD5 checksum:    66020 fe9b69946352606036a89ce9c442624e
      Size/MD5 checksum:    62204 c566c04c9588d67cfe27372905b0d10b
      Size/MD5 checksum:     5826 68691c08411bf16a238b7bdc7188a6f5

  ARM architecture:
      Size/MD5 checksum:    60406 2d6c5ba122757fe453ccb97159839b27
      Size/MD5 checksum:    58406 e6478cafa3ba2735f7c8c4ccb9f2d375
      Size/MD5 checksum:     5276 6d183c6c7b7b3a271608718b1b330abf

  Intel IA-32 architecture:
      Size/MD5 checksum:    58940 2af5e448f2d6fb3cb718be00b12e8dc8
      Size/MD5 checksum:    55680 e48ae5ac13350c9069c34883c66689d8
      Size/MD5 checksum:     5166 cfbed9bcee48a300b5f3342f585c2ea4

  Intel IA-64 architecture:
      Size/MD5 checksum:    70888 2810af532211a5ff7237faa02f2fa2a2
      Size/MD5 checksum:    65898 ea3ff46a153c3755f9c1fc70555e016d
      Size/MD5 checksum:     6614 421f2ed6e492250f4ea7455d0790cc60

  HP Precision architecture:
      Size/MD5 checksum:    63716 ca76198968a8c301fed26b02ea0fb8ea
      Size/MD5 checksum:    59746 2679d450cd83f08718ee2e825cda2410
      Size/MD5 checksum:     5774 e48ac73b088227f326c8f4c1d1328c2a

  Motorola 680x0 architecture:
      Size/MD5 checksum:    57432 cb5f2f533adcf17218d99e48a3cb4faf
      Size/MD5 checksum:    52286 367246afee4ccfa45ce06fdac281bc58
      Size/MD5 checksum:     5036 c295511ed7b42ccede3741fece86cad1

  Big endian MIPS architecture:
      Size/MD5 checksum:    60862 0f2c59e735155972eeb95083f6e25bf9
      Size/MD5 checksum:    60022 f0566f7dbe6c545108f3d8fd23a41a08
      Size/MD5 checksum:     5496 af07688fbaf8c7fdccb2835f1096f99a

  Little endian MIPS architecture:
      Size/MD5 checksum:    60768 1d8f1b60ff53f23e19ac991789a7d249
      Size/MD5 checksum:    59722 23d38d0b52b948d47c10a6eb316660d2
      Size/MD5 checksum:     5562 380dcfd8f22af1a34ea063b0844c64e4

  PowerPC architecture:
      Size/MD5 checksum:    60780 eaa1b51cef30ed9008eba5eaf669b285
      Size/MD5 checksum:    62524 516b9b739fb165c07d2c2f44469273f6
      Size/MD5 checksum:     5428 e9cd704387f98d3d3b8218d0b099bda4

  IBM S/390 architecture:
      Size/MD5 checksum:    59822 1273b0034ce45c9d67b1c9a5ecadd8a4
      Size/MD5 checksum:    56730 3eb9e55677ce89c5d830ff7003443ac4
      Size/MD5 checksum:     5600 ab80c98f176ae54f9ece2b41c9d80263

  Sun Sparc architecture:
      Size/MD5 checksum:    59392 cdcd38f84276e1d976d90578a9a558d4
      Size/MD5 checksum:    56750 bc0b0c65125ebfd1c1d6815a09bcb1c8
      Size/MD5 checksum:     7864 251068569691247a4beb0d46db1cb789

Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:
      Size/MD5 checksum:      595 ac6150d25157f866b2b7f46812a82761
      Size/MD5 checksum:   186116 fa5cd3f6a8cbcc88bcfd387634d12c66
      Size/MD5 checksum:   476057 a58971177114a3b7a5da0e5a89a43c96

  Architecture independent components:
      Size/MD5 checksum:      768 6349e44e476cfb9dfccd483b5bc98cbc

  Alpha architecture:
      Size/MD5 checksum:   113688 a7df1688edf447a5df5ef3cf42e20a9b
      Size/MD5 checksum:   113664 72c1450c3510622db54acec47adc0996
      Size/MD5 checksum:     9886 8c22637e9341ab909d0588dbd8aa542c

  AMD64 architecture:
      Size/MD5 checksum:   107126 f79097dfad2a9c3c27d2792aa8e17975
      Size/MD5 checksum:   106884 a29c5174f6bf23d632a4f70b1cb6bab7
      Size/MD5 checksum:     9176 ed86973df6a047b0b8279875119795ac

  ARM architecture:
      Size/MD5 checksum:   106846 8e2192b4a99f34b431185b638059184e
      Size/MD5 checksum:   107464 bf4ace192cd1e4991bbd49004ff345a5
      Size/MD5 checksum:     8654 194c154e5fd01bae833252fefce48ef8

  Intel IA-32 architecture:
      Size/MD5 checksum:   107806 5462241d0e9cbad6f9385d9e69e63df5
      Size/MD5 checksum:   106116 2776119c04627d7e020e0e2a28d829b4
      Size/MD5 checksum:     8574 9bd58334a575fce0f39ad1b7e96e8bf0

  Intel IA-64 architecture:
      Size/MD5 checksum:   126468 2fb6d844c1816f86fbdc180ec874458c
      Size/MD5 checksum:   119958 27a1b846fc9d4549bc7d56acbebc4701
      Size/MD5 checksum:    11156 0e05c09a9156c1649451dc04cc1a403b

  HP Precision architecture:
      Size/MD5 checksum:   112270 d872b9d73852c5cdaee9e7b99dfd4a8c
      Size/MD5 checksum:   108640 21a814ece299a9d9dd73878f17703805
      Size/MD5 checksum:     9740 ab0261190a75ac0893dbd0d83a0d075e

  Motorola 680x0 architecture:
      Size/MD5 checksum:   101580 6ba0f48fa1a5d58b76d098b09233dda1
      Size/MD5 checksum:    99358 150bf88d39a8627940a05e1e06ae325b
      Size/MD5 checksum:     8320 ac81c73b5d96c61343eaee5a30db045c

  Big endian MIPS architecture:
      Size/MD5 checksum:   106808 4330ce6ef2dbe3e74930912b5d842091
      Size/MD5 checksum:   108422 b4b532ddd12affa682bc873befdaf8ff
      Size/MD5 checksum:     9498 159f69ee0f42193545774a6c6fa582ee

  Little endian MIPS architecture:
      Size/MD5 checksum:   106908 cdcbdcbc499046f5d735d4e9edd6f7ae
      Size/MD5 checksum:   107774 5b495d916e35f1b2f46aca316f981c17
      Size/MD5 checksum:     9546 dfa799043e392273ed76cf5659b6498a

  PowerPC architecture:
      Size/MD5 checksum:   110010 d91eb03e18c0f7d124505c671103fce0
      Size/MD5 checksum:   111210 9b32b4685b49562d3c8183bb9246c392
      Size/MD5 checksum:    10678 1548bafd11e8b283627f16dbb977f5be

  IBM S/390 architecture:
      Size/MD5 checksum:   107654 f10b8fe1fa1dd19948f3d286807ce553
      Size/MD5 checksum:   106998 d76769f32c87ea11bfd71e585d6de219
      Size/MD5 checksum:     9364 69d17cd7d354048f2e8e972b7a15987e

  Sun Sparc architecture:
      Size/MD5 checksum:   105100 3598c03dd322930154071e6a5e8209e5
      Size/MD5 checksum:   105458 f47f0ca4d4db2a948db936d56831a0aa
      Size/MD5 checksum:     8728 b8877f4ed857346920c2773047efc821

  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.

LinuxSecurity Poll

How frequently do you patch/update your system?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum 0 answer(s) and maximum 3 answer(s).
[{"id":"179","title":"As soon as patches\/updates are released - I track advisories for my distro(s) diligently","votes":"69","type":"x","order":"1","pct":75.82,"resources":[]},{"id":"180","title":"Every so often, when I think of it","votes":"14","type":"x","order":"2","pct":15.38,"resources":[]},{"id":"181","title":"Hardly ever","votes":"8","type":"x","order":"3","pct":8.79,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

Please vote first in order to view vote results.



bottom 200

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.