-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 17 Jul 2019 14:56:48 +0200 Source: libonig Binary: libonig2 libonig2-dbg libonig-dev Architecture: source amd64 Version: 5.9.5-3.2+deb8u2 Distribution: jessie-security Urgency: high Maintainer: Jörg Frings-Fürst <debian@jff-webhosting.net> Changed-By: Markus Koschany <apo@debian.org> Description: libonig-dev - Development files for libonig2 libonig2 - Oniguruma regular expressions library libonig2-dbg - Debugging symbols for libonig2 Changes: libonig (5.9.5-3.2+deb8u2) jessie-security; urgency=high . * Non-maintainer upload by the LTS team. * Fix CVE-2019-13224: A use-after-free in onig_new_deluxe() in regext.c allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte encoding that gets handled by onig_new_deluxe(). Checksums-Sha1: 577835fd247352a443aea137c52b2867424b55f1 2052 libonig_5.9.5-3.2+deb8u2.dsc 804132e1324ef8b940414324c741547d7ecf24e8 587874 libonig_5.9.5.orig.tar.gz 6cd0c735502eb29b4f19000f0aaf1a3d1fd1398d 8856 libonig_5.9.5-3.2+deb8u2.debian.tar.xz a3d58474f99934541e7f45d59e7ec4f519be0405 118194 libonig2_5.9.5-3.2+deb8u2_amd64.deb c38cd75b5dbc143af574552d04e4f30bd04e6be3 200780 libonig2-dbg_5.9.5-3.2+deb8u2_amd64.deb 29fde0a527633d79d33af846b6055d7d0eda90b4 79500 libonig-dev_5.9.5-3.2+deb8u2_amd64.deb Checksums-Sha256: 9f18307e1a4dcbf0e4eb6f9270e16a4d1184da8734064be12967515798dc6350 2052 libonig_5.9.5-3.2+deb8u2.dsc 9f49ae7819a5f47e25449d0e4b010d479f7868a24a7b9884b47041b49a76438a 587874 libonig_5.9.5.orig.tar.gz 0ef168eeb768792e8d28489ccdfbc60d12df64825e7cc2f2f340ba0b2d79a45d 8856 libonig_5.9.5-3.2+deb8u2.debian.tar.xz 2d3fa4ee3633d791a1f4111f21e8ff4ee13f8b2ee44f3bb08d6844e506ec8632 118194 libonig2_5.9.5-3.2+deb8u2_amd64.deb a49b35e44d25d8dacb795c36ec6e797bccde98308098bd319c8ecdf9110c2cb9 200780 libonig2-dbg_5.9.5-3.2+deb8u2_amd64.deb c2e7a78a86526553540734ba7e544948eb8a74d81a3f611e7935001d331d006f 79500 libonig-dev_5.9.5-3.2+deb8u2_amd64.deb Files: 85210f4889c44465221ff5d187d9629c 2052 libs extra libonig_5.9.5-3.2+deb8u2.dsc 970f98a4cd10021b545d84e34c34aae4 587874 libs extra libonig_5.9.5.orig.tar.gz f5a13615f57395da29ea5eb4c560dc95 8856 libs extra libonig_5.9.5-3.2+deb8u2.debian.tar.xz b911c28b28f7b26fa214c6511b2c118e 118194 libs optional libonig2_5.9.5-3.2+deb8u2_amd64.deb 461cc6b4485c38ff6285f272d855a5f2 200780 debug extra libonig2-dbg_5.9.5-3.2+deb8u2_amd64.deb f7cf35a6d4990614e05c555961fee67f 79500 libdevel optional libonig-dev_5.9.5-3.2+deb8u2_amd64.deb -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl0vHqJfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkyvAP/A8ozF1tpueiujv9d2S18Xbo7iv+Fnb0oFCl hw38ieIV3Zi7pjXHb+aqv+C31beHYZYAID8pWDktYravaO5FPS3n24RUxWNt2fDc dQdqU0NeuGvclNqtRyRoAHM52qQ7UJE/XIt4Vsp8/mtO3g/5b5XcfWeBytr0dgHp j8QBW8LlM2BfyhecP5ADO3cPu1sm/7wq1/NDdM5hH2vFO+YIVOnEeWSckIE69Cl+ cMKLLnbRp4WCsVrdhyyCNChqx9ah+XAJhRWDU0O8dt/mpWsHmFco1tvnlPqIsgXI saJ54SOja9qDDJz1rR0qRCitjh5Kz/zr4Tg8gudj3VqOVliCd8IflRqp1Fr4IugM 8GZOtIIGdw8Uv+GzzujQ6h8VA3lAL8tg+kIJi83hkm6uF3SAQ12r9ht73vcMjVHx 6KySt/GGKC3yFGQo7k9QycCpJL3D+RKJqwlK3M3F6TNV21qd3zzWFlZG/p9FT/Rx FWEdXkmYDjtqMtNlxsZ5CpdmTbN9IIIXYP5ZYMz2WZxCIg0Gx7X46HPl87VkaM88 5r0mQQZxHJfmrGgyfQObUP5adHmvGTIHN4WtERJANAHtzl9BxgSExZS5jZiB0Rzu edIP7VP9+tsyw4zfiMO4aWFMX38rs6UBkZlBqMqMQISQDlvtadvsUW2+eoKtlsCN OAjG/428 =rs/p -----END PGP SIGNATURE-----
