Описание
ELSA-2013-0122: tcl security and bug fix update (MODERATE)
[8.4.13-6]
- Fixed infinite loop in regex NFA optimization code Resolves: CVE-2007-4772
- Fixed O(N^2) compile time (and huge memory requirements) for some regexps Resolves: CVE-2007-6067
[8.4.13-5]
- Threaded / nonthreaded versions of tcl are now switchable through alternatives Resolves: rhbz#478961
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
tcl
8.4.13-6.el5
tcl-devel
8.4.13-6.el5
tcl-html
8.4.13-6.el5
Oracle Linux x86_64
tcl
8.4.13-6.el5
tcl-devel
8.4.13-6.el5
tcl-html
8.4.13-6.el5
Oracle Linux i386
tcl
8.4.13-6.el5
tcl-devel
8.4.13-6.el5
tcl-html
8.4.13-6.el5
Связанные CVE
Связанные уязвимости
ELSA-2008-0038: Moderate: postgresql security update (MODERATE)
Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (memory consumption) via a crafted "complex" regular expression with doubly-nested states.
Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (memory consumption) via a crafted "complex" regular expression with doubly-nested states.
Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (memory consumption) via a crafted "complex" regular expression with doubly-nested states.
Algorithmic complexity vulnerability in the regular expression parser ...