Fedora 30: oniguruma FEDORA-2019-e4819c6510
Summary
Oniguruma is a regular expressions library.
The characteristics of this library is that different character encoding
for every regular expression object can be specified.
(supported APIs: GNU regex, POSIX and Oniguruma native)
oniguruma security fix bugport, including fix for CVE-2019-16163 and bugs found
on PHP.
* Mon Nov 11 2019 Mamoru TASAKA
- Upstream patch for CVE-2019-16163 (#1768997)
- Another fix backports out of request from PHP maintainer (#1728971)
* Fri Jul 12 2019 Mamoru TASAKA
- Upstream patch for CVE-2019-13225 (#1728966)
- NON-upstream patch for CVE-2019-13224 (#1728971)
* Tue May 7 2019 Mamoru TASAKA
- rc3 released as 6.9.2 final release
* Wed Apr 24 2019 Mamoru TASAKA
- 6.9.2-rc3
[ 1 ] Bug #1768998 - CVE-2019-16163 oniguruma: stack exhaustion in regcomp.c because of recursion in regparse.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1768998
[ 2 ] Bug #1755880 - PHP security fix
https://bugzilla.redhat.com/show_bug.cgi?id=1755880
su -c 'dnf upgrade --advisory FEDORA-2019-e4819c6510' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
FEDORA-2019-e4819c6510 2019-11-21 00:54:51.095189 Product : Fedora 30 Version : 6.9.2 Release : 3.fc30 URL : https://github.com/kkos/oniguruma/ Summary : Regular expressions library Description : Oniguruma is a regular expressions library. The characteristics of this library is that different character encoding for every regular expression object can be specified. (supported APIs: GNU regex, POSIX and Oniguruma native) oniguruma security fix bugport, including fix for CVE-2019-16163 and bugs found on PHP. * Mon Nov 11 2019 Mamoru TASAKA - 6.9.2-3 - Upstream patch for CVE-2019-16163 (#1768997) - Another fix backports out of request from PHP maintainer (#1728971) * Fri Jul 12 2019 Mamoru TASAKA - 6.9.2-2 - Upstream patch for CVE-2019-13225 (#1728966) - NON-upstream patch for CVE-2019-13224 (#1728971) * Tue May 7 2019 Mamoru TASAKA - 6.9.2-1 - rc3 released as 6.9.2 final release * Wed Apr 24 2019 Mamoru TASAKA - 6.9.2-0.1.rc3 - 6.9.2-rc3 [ 1 ] Bug #1768998 - CVE-2019-16163 oniguruma: stack exhaustion in regcomp.c because of recursion in regparse.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1768998 [ 2 ] Bug #1755880 - PHP security fix https://bugzilla.redhat.com/show_bug.cgi?id=1755880 su -c 'dnf upgrade --advisory FEDORA-2019-e4819c6510' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Change Log
References
Update Instructions
