Описание
ELSA-2015-1447: grep security, bug fix, and enhancement update (LOW)
[2.20-3]
- Updated pcre buildrequires to require pcre-devel >= 7.8-7 Related: rhbz#1193030
[2.20-2]
- Fixed invalid UTF-8 byte sequence error in PCRE mode (by pcre-backported-fixes patch) Resolves: rhbz#1193030
- Fixed buffer overrun for grep -F Resolves: CVE-2015-1345
- Fixed bogus date in the changelog
[2.20-1]
- New version Resolves: rhbz#1064668 Resolves: rhbz#982215 Resolves: rhbz#1126757 Resolves: rhbz#1167766 Resolves: rhbz#1171806
- Fixed \w and \W behaviour in multibyte locales Resolves: rhbz#799863
- Documented --fixed-regexp option Resolves: rhbz#1103270
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
grep
2.20-3.el6
Oracle Linux i686
grep
2.20-3.el6
Связанные CVE
Связанные уязвимости
The bmexec_trans function in kwset.c in grep 2.19 through 2.21 allows local users to cause a denial of service (out-of-bounds heap read and crash) via crafted input when using the -F option.
The bmexec_trans function in kwset.c in grep 2.19 through 2.21 allows local users to cause a denial of service (out-of-bounds heap read and crash) via crafted input when using the -F option.
The bmexec_trans function in kwset.c in grep 2.19 through 2.21 allows local users to cause a denial of service (out-of-bounds heap read and crash) via crafted input when using the -F option.
The bmexec_trans function in kwset.c in grep 2.19 through 2.21 allows ...
Multiple integer overflows in GNU Grep before 2.11 might allow context-dependent attackers to execute arbitrary code via vectors involving a long input line that triggers a heap-based buffer overflow.