oss-sec mailing list archives
CVE request: heap buffer overflow in PCRE
From: Vasyl Kaigorodov <vkaigoro () redhat com>
Date: Thu, 20 Nov 2014 15:43:25 +0100
Hello, Heap buffer overflow issue was reported [1] in PCRE when processing a specially crafted regular expression. Upstream patch for this: http://www.exim.org/viewvc/pcre2?view=rev&revision=154 The next upstream release that will contain the above fix is likely to be around Feb/Mar next year (2015). Additional references: [1]: http://bugs.exim.org/show_bug.cgi?id=1546 [2]: https://bugzilla.redhat.com/show_bug.cgi?id=1166147 Can a CVE be assigned to this please? Thanks. -- Vasyl Kaigorodov | Red Hat Product Security PGP: 0xABB6E828 A7E0 87FF 5AB5 48EB 47D0 2868 217B F9FC ABB6 E828
Attachment:
_bin
Description:
Current thread:
- CVE request: heap buffer overflow in PCRE Vasyl Kaigorodov (Nov 20)
- Re: CVE request: heap buffer overflow in PCRE Murray McAllister (Nov 20)
- Re: CVE request: heap buffer overflow in PCRE cve-assign (Nov 20)
- Re: CVE request: heap buffer overflow in PCRE Murray McAllister (Nov 20)