FEDORA-2015-eb896290d3 created by ppisar 4 years ago for Fedora 22
stable

This release fixes these vulnerabilies: CVE-2015-8383, CVE-2015-8386, CVE-2015-8387, CVE-2015-8389, CVE-2015-8390, CVE-2015-8391, CVE-2015-8393, CVE-2015-8394. It also fixes compiling comments with auto-callouts, compiling expressions with negated classes in UCP mode, compiling expressions with an isolated \E between an item and its qualifier with auto-callouts, a crash in regexec() if REG_STARTEND option is set and pmatch argument is NULL, a stack overflow when formatting a 32-bit integer in pcregrep tool, compiling expressions with an empty \Q\E sequence between an item and its qualifier with auto-callouts, compiling expressions with global extended modifier that is disabled by local no-extended option at the start of the expression just after a whitespace, a possible crash in pcre_copy_named_substring() if a named substring has number greater than the space in the ovector, a buffer overflow when compiling an expression with named groups with a group that reset capture numbers, and a crash in pcre_get_substring_list() if the use of \K caused the start of the match to be earlier than the end.

How to install

sudo dnf upgrade --advisory=FEDORA-2015-eb896290d3

This update has been submitted for testing by ppisar.

4 years ago

pcre-8.38-1.fc22 ejected from the push because u"Cannot find relevant tag for pcre-8.38-1.fc22. None of ['f22-updates-testing', 'f22-updates-testing-pending'] are in [u'epel7-testing-candidate', u'dist-6E-epel-testing-candidate', u'dist-5E-epel-testing-candidate', u'f22-updates-candidate', u'f23-updates-candidate', u'f21-updates-candidate']."

4 years ago

This update has been submitted for testing by ppisar.

4 years ago
User Icon hreindl commented & provided feedback 4 years ago
karma

works for me

pcre-8.38-1.fc22 ejected from the push because u"Cannot find relevant tag for pcre-8.38-1.fc22. None of ['f22-updates-testing', 'f22-updates-testing-pending'] are in [u'epel7-testing-candidate', u'dist-6E-epel-testing-candidate', u'dist-5E-epel-testing-candidate', u'f22-updates-candidate', u'f23-updates-candidate', u'f21-updates-candidate']."

4 years ago
User Icon filiperosset commented & provided feedback 4 years ago
karma

no regressions noted

This update has been pushed to testing.

4 years ago

This update has been submitted for stable by bodhi.

4 years ago
User Icon yuwata commented & provided feedback 4 years ago
karma

works for me

This update has been pushed to stable.

4 years ago

Please login to add feedback.

Metadata
Type
security
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Dates
submitted
4 years ago
in testing
4 years ago
in stable
4 years ago
BZ#1287614 CVE-2015-8383 pcre: Buffer overflow caused by repeated conditional group
0
0
BZ#1287615 CVE-2015-8383 pcre: Buffer overflow caused by repeated conditional group [fedora-all]
0
0
BZ#1287636 CVE-2015-8386 pcre: Buffer overflow caused by lookbehind assertion
0
0
BZ#1287639 CVE-2015-8386 pcre: Buffer overflow caused by lookbehind assertion [fedora-all]
0
0
BZ#1287646 CVE-2015-8387 pcre: Integer overflow in subroutine calls
0
0
BZ#1287647 CVE-2015-8387 pcre: Integer overflow in subroutine calls [fedora-all]
0
0
BZ#1287659 CVE-2015-8389 pcre: Infinite recursion in JIT compiler when processing certain patterns
0
0
BZ#1287660 CVE-2015-8389 pcre: Infinite recursion in JIT compiler when processing certain patterns [fedora-all]
0
0
BZ#1287666 CVE-2015-8390 pcre: Reading from uninitialized memory when processing certain patterns
0
0
BZ#1287667 CVE-2015-8390 pcre: Reading from uninitialized memory when processing certain patterns [fedora-all]
0
0
BZ#1287671 CVE-2015-8391 pcre: Some pathological patterns causes pcre_compile() to run for a very long time
0
0
BZ#1287672 CVE-2015-8391 pcre: Some pathological patterns causes pcre_compile() to run for a very long time [fedora-all]
0
0
BZ#1287695 CVE-2015-8393 pcre: Information leak when running pcgrep -q on crafted binary
0
0
BZ#1287697 CVE-2015-8393 pcre: Information leak when running pcgrep -q on crafted binary [fedora-all]
0
0
BZ#1287702 CVE-2015-8394 pcre: Integer overflow caused by missing check for certain conditions
0
0
BZ#1287703 CVE-2015-8394 pcre: Integer overflow caused by missing check for certain conditions [fedora-all]
0
0

Automated Test Results