Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Fedora 23: Update for Mingw-PCRE 8.38 Critical Buffer Overflow Fix

fedora
Calendar Grey February 17, 2016
Dist Fedora Esm H88
Upgrade to version 8.38 for mingw-pcre in Fedora 23 to enhance security protocols and fix identified vulnerabilities. Discover additional information here.
Update to 8.38 and fix various CVE's

Summary

Cross compiled Perl-compatible regular expression library for use with mingw32.

PCRE has its own native API, but a set of "wrapper" functions that are based on

the POSIX API are also supplied in the library libpcreposix. Note that this

just provides a POSIX calling interface to PCRE: the regular expressions

themselves still follow Perl syntax and semantics. The header file

for the POSIX-style functions is called pcreposix.h.

Update Information:

Update to 8.38 and fix various CVE's

Change Log

References


[ 1 ] Bug #1287720 - CVE-2015-8395 mingw-pcre: pcre: Buffer overflow caused by certain references [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1287720 [ 2 ] Bug #1287704 - CVE-2015-8394 mingw-pcre: pcre: Integer overflow caused by missing check for certain conditions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1287704 [ 3 ] Bug #1287698 - CVE-2015-8393 mingw-pcre: pcre: Information leak when running pcgrep -q on crafted binary [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1287698 [ 4 ] Bug #1287692 - CVE-2015-8392 mingw-pcre: pcre: Buffer overflow caused by certain patterns with duplicated named groups [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1287692 [ 5 ] Bug #1287673 - CVE-2015-8391 mingw-pcre: pcre: Some pathological patterns causes pcre_compile() to run for a very long time [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1287673 [ 6 ] Bug #1287668 - CVE-2015-8390 ming...

Read the Full Advisory

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update mingw-pcre' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: mingw-pcre
Product: Fedora 23
Version: 8.38
Release: 1.fc23
URL: /
Summary: MinGW Windows pcre library

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.