Critical PCRE Update for Scientific Linux Addresses CVE-2006-7225

Nov 29, 2007 •

LinuxSecurity Advisories

1 - 2 min read

Scientific Large Esm H500

Topics Covered

security advisory security issue malicious code pcre update Scientific Linux

Important: pcre security update

Date: Thu, 29 Nov 2007 16:24:55 -0600
Reply-To: Troy Dawson 
Sender: Security Errata for Scientific Linux

From: Troy Dawson 
Subject: Security ERRATA for pcre on SL5.x i386/x86_64
Comments: To: "This email address is being protected from spambots. You need JavaScript enabled to view it."

Synopsis:	Important: pcre security update
Issue date:	2007-11-29
CVE Names:	CVE-2006-7225 CVE-2006-7226 CVE-2006-7228
 CVE-2006-7230

Flaws were discovered in the way PCRE handles certain malformed regular
expressions. If an application linked against PCRE, such as Konqueror,
parses a malicious regular expression, it may have been possible to run
arbitrary code as the user running the application.
(CVE-2006-7225, CVE-2006-7226, CVE-2006-7228, CVE-2006-7230)

SL 5.x

 SRPMS:
pcre-6.6-2.el5_1.7.src.rpm
 i386:
pcre-6.6-2.el5.7.i386.rpm
pcre-devel-6.6-2.el5.7.i386.rpm
 x86_64:
pcre-6.6-2.el5.7.i386.rpm
pcre-6.6-2.el5.7.src.rpm
pcre-6.6-2.el5.7.x86_64.rpm
pcre-devel-6.6-2.el5.7.i386.rpm
pcre-devel-6.6-2.el5.7.x86_64.rpm

-Connie Sieh
-Troy Dawson

Powered By

Linux Security Footer

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Your message here