-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 11 Sep 2015 20:04:19 +0200 Source: pcre3 Binary: libpcre3 libpcre3-udeb libpcrecpp0v5 libpcre3-dev libpcre3-dbg pcregrep libpcre16-3 libpcre32-3 Architecture: source Version: 2:8.35-7.2 Distribution: unstable Urgency: low Maintainer: Matthew Vernon <matthew@debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Closes: 781795 783285 787433 794589 Description: libpcre16-3 - Perl 5 Compatible Regular Expression Library - 16 bit runtime fil libpcre3 - Perl 5 Compatible Regular Expression Library - runtime files libpcre3-dbg - Perl 5 Compatible Regular Expression Library - debug symbols libpcre3-dev - Perl 5 Compatible Regular Expression Library - development files libpcre3-udeb - Perl 5 Compatible Regular Expression Library - runtime files (ude (udeb) libpcre32-3 - Perl 5 Compatible Regular Expression Library - 32 bit runtime fil libpcrecpp0v5 - Perl 5 Compatible Regular Expression Library - C++ runtime files pcregrep - grep utility that uses perl 5 compatible regexes. Changes: pcre3 (2:8.35-7.2) unstable; urgency=low . * Non-maintainer upload (with maintainer's permission). * Add Fix-compiler-crash-misbehaviour-for-zero-repeated-gr.patch. Fixes "PCRE Library Stack Overflow Vulnerability" (Upstream bug 1503) * Add Fix-compile-time-loop-for-recursive-reference-within.patch. Fixes "PCRE Call Stack Overflow Vulnerability" (Upstream bug 1515) * Add 794589-information-disclosure.patch. Fixes "pcre_exec does not fill offsets for certain regexps" leading to information disclosure. (Closes: #794589) * Add Fix-bad-compile-for-groups-like-2-0-1999.patch. CVE-2015-2325: heap buffer overflow in compile_branch(). (Closes: #781795) * Add Fix-bad-compilation-for-patterns-like-1-1-with-forwa.patch. CVE-2015-2326: heap buffer overflow in pcre_compile2(). (Closes: #783285) * Add Fix-buffer-overflow-for-named-recursive-back-referen.patch. CVE-2015-3210: heap buffer overflow in pcre_compile2() / compile_regex(). (Closes: #787433) Checksums-Sha1: d1afd74a080757a16f01c344b6d6195c6619f7a2 2074 pcre3_8.35-7.2.dsc dd16fc1fa3c85fa3f5a313470af51ccec487a8d9 29105 pcre3_8.35-7.2.debian.tar.gz Checksums-Sha256: cb15b92f85a894cade62cf59892d989ace89d9c7500edda7ec8866a9acaea2f3 2074 pcre3_8.35-7.2.dsc 087754802f54f133a10576186ed4195d7cb39dfba0f2f9c94e20c31f13e25e9c 29105 pcre3_8.35-7.2.debian.tar.gz Files: 7ce1fc5823e8125d4d8f1707a633dd1d 2074 libs optional pcre3_8.35-7.2.dsc 8254b0c3a0e9399a7a093537674fd185 29105 libs optional pcre3_8.35-7.2.debian.tar.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJV8xmlAAoJEAVMuPMTQ89E1/YP/ix2ydDB9mMSm64KpcDWFAAe vy8ojv2aEVM5h+S5eZv20Enx0oG9FORApm5J7R2FMjNNutAOc1zQxjoym8r6DkkD vn2WK+OjOnEu7j78atM8QYoTG+kgC/thrT7Tn+hz+fjSHezvRXl4bGZ5x2oFvGmj lgZTbc3dzY0WDXKZpy0WqsNshnyqcOqpZST81nT6XFwIyAqQryqHbM77j4VZ2vic SsfETlOcxZCzYtzKh0pkVg7c9Xj0Tu+PWk5byUFynHdvPFnHqnADcy3Txnny46op z427TSObS6cqhSAUkP1Mir7nGLS3eW1zSSiqPA/wDq9AjMvVPjKkgjrlRUCgNpQJ haM8weHIIAlQblsv7zY67jBA0no/smVb4ig9d9PTWd0PDU26V28sHV2pS1AMvUOB L0S+rhQw6EEX3C8sxcr3B0X6giPxiiqLFK8yqJbKyTsFKmCNNBh9maRBvW0BdWvX Xn8B8kiD7kzVPLaxpt7xm85UtkeK9JWMCUEhrvN4ylAgt+CQAcfULNBeyZjC+S/v xeJxYfITRB5WpwSVnzhf3Xx7XS4IBERLLXxWwqSyjDBun5XqPXyCzSPjAw1kvZ9X G5QotasfCVPWgtkaGztKV5rYqJITNbnpSu87pVBdQ+EoL2L67F7qvI7bOydt9Xeu pvl55R2tiFytxA0/axUf =F5r0 -----END PGP SIGNATURE-----