[ubuntu/focal-security] rust-regex 1.2.1-3ubuntu0.1 (Accepted)
David Fernandez Gonzalez
david.fernandezgonzalez at canonical.com
Wed Sep 14 07:22:54 UTC 2022
rust-regex (1.2.1-3ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: fix denial-of-service bug in compiler (LP: #1977694)
- debian/patches/CVE-2022-24713-pre.patch: support empty patterns
in src/compile.rs.
- debian/patches/CVE-2022-24713-pre2.patch: account for Unicode
class size in regex compilation error in src/compile.rs.
- debian/patches/CVE-2022-24713.patch: adding a fake amount of
memory every time we compile an empty sub-expression in
src/compile.rs.
- CVE-2022-24713
Date: 2022-06-21 14:50:10.432605+00:00
Changed-By: David Fernandez Gonzalez <david.fernandezgonzalez at canonical.com>
https://launchpad.net/ubuntu/+source/rust-regex/1.2.1-3ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list