--------------------------------------------------------------------- Fedora Legacy Test Update Notification FEDORALEGACY-2006-168516 Bugzilla https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168516 2006-02-26 --------------------------------------------------------------------- Name : pcre Versions : rh73: pcre-3.9-2.1.legacy Versions : rh9: pcre-3.9-10.1.legacy Versions : fc1: pcre-4.4-1.2.legacy Versions : fc2: pcre-4.5-2.2.legacy Summary : Perl-compatible regular expression library. Description : Perl-compatible regular expression library. PCRE has its own native API, but a set of "wrapper" functions that are based on the POSIX API are also supplied in the library libpcreposix. Note that this just provides a POSIX calling interface to PCRE; the regular expressions themselves still follow Perl syntax and semantics. The header file for the POSIX-style functions is called pcreposix.h. --------------------------------------------------------------------- Update Information: Updated pcre packages are now available to correct a security issue. PCRE is a Perl-compatible regular expression library. An integer overflow flaw was found in PCRE, triggered by a maliciously crafted regular expression. On systems that accept arbitrary regular expressions from untrusted users, this could be exploited to execute arbitrary code with the privileges of the application using the library. The Common Vulnerabilities and Exposures project assigned the name CVE-2005-2491 to this issue. Users should update to these erratum packages that contain a backported patch to correct this issue. --------------------------------------------------------------------- Changelogs rh73: * Fri Oct 28 2005 Leonard den Ottolander <leonard agromisa org> 3.9-2.1.legacy - Fix CAN-2005-2491 rh9: * Sun Feb 19 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 3.9-10.1.legacy - Added patch for CVE-2005-2491 fc1: * Sat Feb 25 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 4.4-1.2.legacy - Added pcre-devel to BuildPrereq * Sun Feb 19 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 4.4-1.1.legacy - Added patch for CVE-2005-2491 fc2: * Sat Feb 25 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 4.5-2.2.legacy - Added pcre-devel to BuildPrereq * Mon Feb 20 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 4.5-2.1.legacy - Added patch for CVE-2005-2491 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedoralegacy.org/ (sha1sums) rh73: 9b641aa989639c706065bafc146d34bb6e282a22 redhat/7.3/updates-testing/i386/pcre-3.9-2.1.legacy.i386.rpm 7d8b094083c7a85991d194d6741a0a664204a19d redhat/7.3/updates-testing/i386/pcre-devel-3.9-2.1.legacy.i386.rpm 9a49145385042483532254fb5d05fae6c3f252f3 redhat/7.3/updates-testing/SRPMS/pcre-3.9-2.1.legacy.src.rpm rh9: d876a7f4cdb3a936b2f72fb629fae928d3db6e96 redhat/9/updates-testing/i386/pcre-3.9-10.1.legacy.i386.rpm 9e516b5e44944b25a47171b15c0229423b10f99d redhat/9/updates-testing/i386/pcre-devel-3.9-10.1.legacy.i386.rpm 55de51292b97aacbad6c375b4ad8578561ac5fe3 redhat/9/updates-testing/SRPMS/pcre-3.9-10.1.legacy.src.rpm fc1: 4edc206f1e0fc0c3df459b6f8de289f27417974b fedora/1/updates-testing/i386/pcre-4.4-1.2.legacy.i386.rpm 0fcc5801dc238bb1fac0d59b8403e6cdcc72f126 fedora/1/updates-testing/i386/pcre-devel-4.4-1.2.legacy.i386.rpm 57b3a2c5c2bb3435d3c7971daf29c665fb2c1687 fedora/1/updates-testing/SRPMS/pcre-4.4-1.2.legacy.src.rpm fc2: bff4b330e8c9a76262020c7ddb2b48f71bf01788 fedora/2/updates-testing/i386/pcre-4.5-2.2.legacy.i386.rpm 8354926500e18905dd94dddc1e6bf44cd236df68 fedora/2/updates-testing/i386/pcre-devel-4.5-2.2.legacy.i386.rpm 9f43e7d484412d93734dfe4b08f87d2ef133100a fedora/2/updates-testing/SRPMS/pcre-4.5-2.2.legacy.src.rpm --------------------------------------------------------------------- Please test and comment in bugzilla.
Attachment:
signature.asc
Description: OpenPGP digital signature
-- fedora-legacy-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-legacy-list
