FEDORA-2015-ca6e454f47

security update in Fedora 21 for pcre

Status: unpushed

This release fixes CVE-2015-8380 (a heap-based buffer overflow in pcre_exec() when ovector has size 1).


This release fixes a crash when compiling an expression with long (MARK) or (THEN) names. It also fixes compiling a POSIX character class followed by a single ASCII character in a class item while UCP mode is active. It also fixes mismatching characters in the range 128-255 against [:punct:] in UCP mode.

Comments 6

This update has been submitted for testing by ppisar.

This update has obsoleted pcre-8.35-16.fc21, and has inherited its bugs and notes.

This update has been pushed to testing.

ppisar edited this update.

This update has been unpushed.

Fedora 21 is not supported.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown.

-1 0 +1 Feedback Guidelines
#1285415 pcre: Heap-based buffer overflow in pcre_exec [fedora-all]
#1285413 CVE-2015-8380 pcre: Heap-based buffer overflow in pcre_exec
Does the system's basic functionality continue to work after this update?
Is the update generally functional?
Content Type
RPM
Status
unpushed
Submitted by
Update Type
security
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 2 years ago
in testing 2 years ago
modified 2 years ago

Related Bugs 2

00 #1285415 pcre: Heap-based buffer overflow in pcre_exec [fedora-all]
00 #1285413 CVE-2015-8380 pcre: Heap-based buffer overflow in pcre_exec

Automated Test Results