Bug 15918 - pcre new security issues CVE-2015-2325 and CVE-2015-2326
Summary: pcre new security issues CVE-2015-2325 and CVE-2015-2326
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: Cauldron
Hardware: i586 Linux
Priority: Normal normal
Target Milestone: ---
Assignee: Mageia Bug Squad
QA Contact: Sec team
URL: http://lwn.net/Vulnerabilities/644046/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-05-12 19:27 CEST by David Walser
Modified: 2022-07-28 04:01 CEST (History)
3 users (show)

See Also:
Source RPM: pcre-8.36-2.mga5.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2015-05-12 19:27:54 CEST 
OpenSuSE has issued an advisory today (May 12):
http://lists.opensuse.org/opensuse-updates/2015-05/msg00014.html

pcre 9.33 in Mageia 4 is not affected.

OpenSuSE updated to 9.37 to fix these issues.  The SuSE bugs also link upstream commits to fix them.

The URLs have changed and should be:
http://vcs.pcre.org/pcre?revision=1528&view=revision
http://vcs.pcre.org/pcre?revision=1529&view=revision

Reproducible: 

Steps to Reproduce:
Comment 1 Nicolas Lécureuil 2015-05-13 01:11:36 CEST 
fixed on SVN and freeze push asked.

CC: (none) => mageia

Comment 2 David Walser 2015-05-13 15:39:43 CEST 
pcre-8.37-1.mga5 uploaded for Cauldron.  Thanks Nicolas!

Status: NEW => RESOLVED
Resolution: (none) => FIXED

Bon Jovi 2022-05-04 11:31:51 CEST

CC: (none) => bonjovi9x

Comment 3 Bon Jovi 2022-05-04 11:33:11 CEST Comment hidden (spam)
Comment 4 Betty Cooper 2022-07-28 04:01:29 CEST Comment hidden (spam)

CC: (none) => bettycooper11it
Note You need to log in before you can comment on or make changes to this bug.