FEDORA-2016-65833b5dbc

security update in Fedora 23 for pcre

Status: stable 3 years ago

This release fixes a heap buffer overflow in handling of nested duplicate named groups with a nested back reference and a heap buffer overflow in pcretest causing infinite loop when matching globally with an ovector less than 2.

How to install

sudo dnf upgrade --advisory=FEDORA-2016-65833b5dbc

Comments 7

This update has been submitted for testing by ppisar.

works for me, mod_security, postfix with all sort of regex are fine

karma: +1

This update has been pushed to testing.

works for me

karma: +1

This update has been submitted for stable by bodhi.

works for me

karma: +1

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
+3
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted 3 years ago
in testing 3 years ago
in stable 3 years ago

Related Bugs 4

00 #1295385 CVE-2016-1283 pcre: heap buffer overflow in handling of duplicate named groups (8.39/14)
00 #1295386 CVE-2016-1283 pcre: Heap buffer overflow in pcre_compile2 causes DoS [fedora-all]
00 #1312782 pcre: Heap buffer overflow in pcretest causing infinite loop
00 #1312786 pcre: Heap buffer overflow in pcretest causing infinite loop [fedora-all]

Automated Test Results