
Fedora 23: 2015-14229 Moderate Pcre Heap Overflow Security Update

fedora
August 27, 2015
The Fedora 23 upgrade addressed vulnerabilities related to heap and stack overflows in the pcre regex library, thereby improving system security.
This release fixes a heap overflow when compiling certain regular expressions with named references.

Summary

Perl-compatible regular expression library.

PCRE has its own native API, but a set of "wrapper" functions that are based on the POSIX API are also supplied in the library libpcreposix. Note that this just provides a POSIX calling interface to PCRE: the regular expressions themselves still follow Perl syntax and semantics. The header file for the POSIX-style functions is called pcreposix.h.

Update Information:

This release fixes a heap overflow when compiling certain regular expressions with named references. This release fixes buffer overflows when compiling certain expressions.

Change Log

References


[ 1 ] Bug #1256449 - pcre: Heap Overflow in compile_regex() https://bugzilla.redhat.com/show_bug.cgi?id=1256449
[ 2 ] Bug #1250943 - pcre: heap buffer overflow with a crafted regular expression https://bugzilla.redhat.com/show_bug.cgi?id=1250943

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update pcre' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important

Name: pcre
Product: Fedora 23
Version: 8.37
Release: 4.fc23
URL:
Summary: Perl-compatible regular expression library
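
To confirm that a host carries the fixed build after updating, this added example (not part of the Fedora advisory) compares the installed pcre version-release with the 8.37-4.fc23 build listed above. The function names, the --check argument and the use of GNU sort -V as a stand-in for rpm's own version comparison are assumptions of this example.

```shell
#!/bin/sh
# Fixed build taken from this advisory (Version 8.37, Release 4.fc23).
FIXED_EVR="8.37-4.fc23"

# pcre_is_fixed VERSION-RELEASE
# Succeeds when the given build sorts at or above the fixed build.
# Assumption: GNU `sort -V` ordering approximates rpm's version comparison,
# which holds for pcre's numeric version-release strings within Fedora 23.
pcre_is_fixed() {
    lowest=$(printf '%s\n%s\n' "$FIXED_EVR" "$1" | sort -V | head -n 1)
    [ "$lowest" = "$FIXED_EVR" ]
}

# check_pcre
# Reports every installed pcre build (multilib hosts can carry more than one).
# Returns 0 if all are fixed, 1 if any is older, 2 if the check cannot run.
check_pcre() {
    command -v rpm >/dev/null 2>&1 || {
        echo "rpm is not available on this host" >&2
        return 2
    }
    installed=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' pcre) || {
        echo "pcre is not installed" >&2
        return 2
    }
    rc=0
    for evr in $installed; do
        if pcre_is_fixed "$evr"; then
            echo "pcre-$evr: at or above $FIXED_EVR"
        else
            echo "pcre-$evr: older than $FIXED_EVR, update needed"
            rc=1
        fi
    done
    return $rc
}

# Query the local rpm database only when asked to: sh thisfile.sh --check
if [ "${1:-}" = "--check" ]; then
    check_pcre
fi
```

Processes that loaded the old libpcre before the update keep using it until they are restarted.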
