Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:Update
patchinfo.21546
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.21546
<patchinfo incident="21546"> <issue tracker="bnc" id="1172973">VUL-1: CVE-2019-20838: pcre: libpcre allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier</issue> <issue tracker="bnc" id="1172974">VUL-1: CVE-2020-14155: pcre: libpcre allows an integer overflow via a large number after a (?C substring</issue> <issue tracker="bnc" id="1025709">VUL-1: CVE-2017-6004: pcre: crafted regular expression may cause denial of service</issue> <issue tracker="bnc" id="1030807">VUL-0: CVE-2017-7244: pcre: The _pcre32_xclass function in pcre_xclass.c allows remote users to read invalid memory</issue> <issue tracker="bnc" id="1030066">VUL-0: CVE-2017-7186: pcre,pcre2: DoS by triggering an invalid Unicode property lookup</issue> <issue tracker="bnc" id="1030803">VUL-0: CVE-2017-7246: pcre: Stack-based buffer overflow in the pcre32_copy_substring function</issue> <issue tracker="bnc" id="1030805">VUL-0: CVE-2017-7245: pcre: Stack-based buffer overflow in the pcre32_copy_substring function</issue> <issue tracker="cve" id="2017-6004"/> <issue tracker="cve" id="2019-20838"/> <issue tracker="cve" id="2017-7186"/> <issue tracker="cve" id="2020-14155"/> <issue tracker="cve" id="2017-7245"/> <issue tracker="cve" id="2017-7244"/> <issue tracker="cve" id="2017-7246"/> <packager>coolo</packager> <rating>moderate</rating> <category>security</category> <summary>Security update for pcre</summary> <description>This update for pcre fixes the following issues: Update pcre to version 8.45: - CVE-2020-14155: Fixed integer overflow via a large number after a '(?C' substring (bsc#1172974). - CVE-2019-20838: Fixed buffer over-read in JIT compiler (bsc#1172973). - CVE-2017-7244: Fixed invalid read in _pcre32_xclass() (bsc#1030807). - CVE-2017-7245: Fixed buffer overflow in the pcre32_copy_substring (bsc#1030805). - CVE-2017-7246: Fixed another buffer overflow in the pcre32_copy_substring (bsc#1030803). - CVE-2017-7186: Fixed denial of service caused by an invalid Unicode property lookup (bsc#1030066). - CVE-2017-6004: Fixed denial of service via crafted regular expression (bsc#1025709). </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor