Bug 126471 - devel/pcre is vulnerable
Summary: devel/pcre is vulnerable
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Kirill Ponomarev
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2008-08-12 07:30 UTC by TsurutaniNaoki
Modified: 2008-08-12 16:50 UTC (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description TsurutaniNaoki 2008-08-12 07:30:03 UTC 
	see http://www.ciac.org/ciac/bulletins/s-336.shtml

Fix: 

patch about debian is available, but I cannot confirm it.
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2008-08-12 07:30:20 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->krion

Over to maintainer (via the GNATS Auto Assign Tool)
Comment 2 dfilter service freebsd_committer freebsd_triage 2008-08-12 16:48:29 UTC 
krion       2008-08-12 15:48:15 UTC

  FreeBSD ports repository

  Modified files:
    devel/pcre           Makefile 
  Added files:
    devel/pcre/files     patch-pcre__compile.c 
  Log:
  Fix a heap overflow condition when compiling certain regular
  expressions involving in-pattern options and branches, potentially
  leading to arbitrary code execution.
  
  PR:             ports/126471
  Submitted by:   Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
  
  Revision  Changes    Path
  1.52      +1 -0      ports/devel/pcre/Makefile
  1.1       +14 -0     ports/devel/pcre/files/patch-pcre__compile.c (new)
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 3 Kirill Ponomarev freebsd_committer freebsd_triage 2008-08-12 16:48:33 UTC 
State Changed
From-To: open->closed

Committed. Thanks!