[Secure-testing-team] Bug#794589: pcre3: pcre_exec does not fill offsets for certain regexps
Salvatore Bonaccorso
carnil at debian.org
Tue Aug 4 17:52:33 UTC 2015
Source: pcre3
Version: 2:8.35-7
Severity: important
Tags: security upstream patch
Control: forwarded -1 https://bugs.exim.org/show_bug.cgi?id=1537
Hi,
>From https://bugzilla.redhat.com/show_bug.cgi?id=1187225
> It was reported that pcre_exec in PHP pcre extension partially
> initialize a buffer when an invalid regex is processed, which can
> information disclosure.
A CVE was requested here:
http://www.openwall.com/lists/oss-security/2015/08/04/3
Upstream patch for this issue is included in 8.37 AFAIK, and found
here:
http://vcs.pcre.org/pcre/code/trunk/pcre_exec.c?r1=1502&r2=1510
Regards,
Salvatore
More information about the Secure-testing-team
mailing list