Описание
ELSA-2020-4539: pcre2 security and enhancement update (MODERATE)
[10.32-2]
- Fix CVE-2019-20454 (a crash when \X is used without UTF mode in a JIT) (bug #1734468)
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
pcre2
10.32-2.el8
pcre2-devel
10.32-2.el8
pcre2-tools
10.32-2.el8
pcre2-utf16
10.32-2.el8
pcre2-utf32
10.32-2.el8
Oracle Linux x86_64
pcre2
10.32-2.el8
pcre2-devel
10.32-2.el8
pcre2-tools
10.32-2.el8
pcre2-utf16
10.32-2.el8
pcre2-utf32
10.32-2.el8
Связанные CVE
Связанные уязвимости
An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which would allow an attacker to crash the application. The flaw occurs in do_extuni_no_utf in pcre2_jit_compile.c.
An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which would allow an attacker to crash the application. The flaw occurs in do_extuni_no_utf in pcre2_jit_compile.c.
An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which would allow an attacker to crash the application. The flaw occurs in do_extuni_no_utf in pcre2_jit_compile.c.
An out-of-bounds read was discovered in PCRE before 10.34 when the pat ...
