Overview

File _patchinfo of Package patchinfo.3750

<patchinfo incident="3750">
  <packager>AndreasStieger</packager>
  <issue tracker="cve" id="CVE-2014-8964"></issue>
  <issue tracker="cve" id="CVE-2015-2325"></issue>
  <issue tracker="cve" id="CVE-2015-2326"></issue>
  <issue tracker="bnc" id="906574">VUL-1: CVE-2014-8964: pcre: heap buffer overflow</issue>
  <issue tracker="bnc" id="924960">VUL-0: CVE-2015-2325: pcre: heap buffer overflow in compile_branch()</issue>
  <issue tracker="bnc" id="924961">VUL-0: CVE-2015-2326: pcre: heap buffer overflow in pcre_compile2()</issue>
  <category>security</category>
  <rating>moderate</rating>
  <summary>Security update for pcre</summary>
  <description>The regular expression library pcre was updated to 8.37 to fix three security issues and a number of bugs and correctness issues.

The following vulnerabilities were fixed:

* CVE-2015-2325: Specially crafted regular expressions could have caused a heap buffer overlow in compile_branch(), potentially allowing the execution of arbitrary code. (boo#924960)
* CVE-2015-2326: Specially crafted regular expressions could have caused a heap buffer overlow in pcre_compile2(), potentially allowing the execution of arbitrary code. [boo#924961]
* CVE-2014-8964: Specially crafted regular expression could have caused a denial of service (crash) or have other unspecified impact. [boo#906574]
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places