[Secure-testing-team] Bug#787641: pcre3: CVE-2015-3217
Salvatore Bonaccorso
carnil at debian.org
Wed Jun 3 17:03:37 UTC 2015
Source: pcre3
Version: 2:8.35-5
Severity: important
Tags: security upstream
Hi,
the following vulnerability was published for pcre3 (reporting this
separately instead collecting to the others since don't know affected
versions, original report confirms 8.33, 8.34, 8.35, 8.36, 8.37 to be
vulnerable).
CVE-2015-3217[0]:
PCRE Library Call Stack Overflow Vulnerability in match()
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2015-3217
[1] https://bugs.exim.org/show_bug.cgi?id=1638
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
More information about the Secure-testing-team
mailing list