[ubuntu/wily-proposed] pcre3 2:8.35-7ubuntu2 (Accepted)

Seyeong Kim seyeong.kim at canonical.com
Thu Jul 23 13:20:12 UTC 2015 

pcre3 (2:8.35-7ubuntu2) wily; urgency=low

  * SECURITY UPDATE: PCRE Library Heap Overflow Vulnerability
    - debian/patches/cve-2015-2325.patch: change some variables
      pointer to integer, and related contents. Based on upstream patch
    - CVE-2015-2325
  * SECURITY UPDATE: PCRE Library Heap overflow Vulnerability II
    - debian/patches/cve-2015-2326.patch: take save_hwm_offset out
      from adjust_recurse. Based on upstream patch
    - CVE-2015-2326
  * SECURITY UPDATE: PCRE Library Heap Overflow Vulnerability
    - debian/patches/cve-2015-3210.patch: change checking if
      oc->number == recno code, Based on upstream patch
    - CVE-2015-3210
  * SECURITY UPDATE: PCRE Library Heap Overflow Vulnerability in
    find_fixedlength()
    - debian/patches/cve-2015-5073.patch: missing test code
      Based on upstream patch
    - CVE-2015-5073

Date: Tue, 21 Jul 2015 15:42:03 +0900
Changed-By: Seyeong Kim <seyeong.kim at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/pcre3/2:8.35-7ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 21 Jul 2015 15:42:03 +0900
Source: pcre3
Binary: libpcre3 libpcre3-udeb libpcrecpp0 libpcre3-dev libpcre3-dbg pcregrep libpcre16-3 libpcre32-3
Architecture: source
Version: 2:8.35-7ubuntu2
Distribution: wily
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Seyeong Kim <seyeong.kim at canonical.com>
Description:
 libpcre16-3 - Perl 5 Compatible Regular Expression Library - 16 bit runtime fil
 libpcre3   - Perl 5 Compatible Regular Expression Library - runtime files
 libpcre3-dbg - Perl 5 Compatible Regular Expression Library - debug symbols
 libpcre3-dev - Perl 5 Compatible Regular Expression Library - development files
 libpcre3-udeb - Perl 5 Compatible Regular Expression Library - runtime files (ude (udeb)
 libpcre32-3 - Perl 5 Compatible Regular Expression Library - 32 bit runtime fil
 libpcrecpp0 - Perl 5 Compatible Regular Expression Library - C++ runtime files
 pcregrep   - grep utility that uses perl 5 compatible regexes.
Changes:
 pcre3 (2:8.35-7ubuntu2) wily; urgency=low
 .
   * SECURITY UPDATE: PCRE Library Heap Overflow Vulnerability
     - debian/patches/cve-2015-2325.patch: change some variables
       pointer to integer, and related contents. Based on upstream patch
     - CVE-2015-2325
   * SECURITY UPDATE: PCRE Library Heap overflow Vulnerability II
     - debian/patches/cve-2015-2326.patch: take save_hwm_offset out
       from adjust_recurse. Based on upstream patch
     - CVE-2015-2326
   * SECURITY UPDATE: PCRE Library Heap Overflow Vulnerability
     - debian/patches/cve-2015-3210.patch: change checking if
       oc->number == recno code, Based on upstream patch
     - CVE-2015-3210
   * SECURITY UPDATE: PCRE Library Heap Overflow Vulnerability in
     find_fixedlength()
     - debian/patches/cve-2015-5073.patch: missing test code
       Based on upstream patch
     - CVE-2015-5073
Checksums-Sha1:
 80b7add92520732d49ed07ef61b48310524f5760 2169 pcre3_8.35-7ubuntu2.dsc
 0cb7cae72e22cc00bbc6205f798dccb12cd5a936 30081 pcre3_8.35-7ubuntu2.debian.tar.gz
Checksums-Sha256:
 dd13abcc3c02d900a66d96ccc4f23fbb237b8a47069f141b7fd1cf467ffdb8a9 2169 pcre3_8.35-7ubuntu2.dsc
 9bb3391202c0ac4913f58cee43a9730fcf4568d1eb546922239c0cd71e3f7835 30081 pcre3_8.35-7ubuntu2.debian.tar.gz
Files:
 8505138a3d322a008b1a887a134d4bc1 2169 libs optional pcre3_8.35-7ubuntu2.dsc
 9d932b21a33b4c57e42f9c6691960b9e 30081 libs optional pcre3_8.35-7ubuntu2.debian.tar.gz
Original-Maintainer: Matthew Vernon <matthew at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJVsOmrAAoJEGVp2FWnRL6T2sYP/RPdp0xIZskt9yXcFE0+greT
rzTFO6SlAKQiO+cV6ftw1P9JYye3ZyMC5xpymXmim89RlLma2ko2UezDereT9Uqj
L+vnCxNvvmfhRiayg0JmKv2s3FpBpkVegK/Hg1T/QKkD75WZLjkw/FXeYmSITq0M
5kGS/8CS7/GX1TM0S94dhEDmenwVEJf0zJekzkazsCmSb+xs8zOW4S2bURhUoiFk
JZL0PHHnS/fayVnc7YuI5QEGBOyRGsrjU0E9Wq3ziYODLJZDe1rggTfRUtTazaQq
/5L/DjlVZq/bMlfJWehlrEpX3sJyOiJuM9viCMP0QnCMmq+9rZbBubDydfcdgKu5
Y3Lc0zhCnQ8GdmkEuTbdihtWNhzXL+gUQorQRmzhFudwl5TDpzdbOsXvrWZiu6Kt
3DltQ792CbiY9LSITBipbYFfIjnJE+umHi2VMdJsnHGf/Fex9nnzBTXnQgLdqG0t
q/c+37eFcpsVzEdGPTPZHB5TE6o3fnV91IjPLQPlMieXiyDnXqRskM5HnHOz4zDK
Y7N3O7hUorJ/HRQPIiVBmSKxSoPYr488owiUMJLmBMQvz9nK7RYOsbX2De4pIzYo
vpQWEChi8g2OVwZwT/uQQei86qliGqDnoAI99sKUtiW4t6CyygPHUwTx3Ozs9LRA
HxZMkmktLBQU4CaVRWef
=ZuA9
-----END PGP SIGNATURE-----

More information about the Wily-changes mailing list