Описание
Recommended update for pcre2
This update for pcre2 fixes the following issues:
- CVE-2022-1586: Fixed out-of-bounds read via missing Unicode property matching issue in JIT compiled regular expressions (bsc#1199232).
Список пакетов
Container bci/bci-init:15.3
libpcre2-8-0-10.31-150000.3.7.1
Container bci/golang:1.16
libpcre2-8-0-10.31-150000.3.7.1
Container bci/golang:1.17
libpcre2-8-0-10.31-150000.3.7.1
Container bci/golang:latest
libpcre2-8-0-10.31-150000.3.7.1
Container bci/node:12
libpcre2-8-0-10.31-150000.3.7.1
Container bci/node:14
libpcre2-8-0-10.31-150000.3.7.1
Container bci/nodejs:latest
libpcre2-8-0-10.31-150000.3.7.1
Container bci/openjdk-devel:11
libpcre2-8-0-10.31-150000.3.7.1
Container bci/python:3
libpcre2-8-0-10.31-150000.3.7.1
Container bci/ruby:latest
libpcre2-8-0-10.31-150000.3.7.1
Container ses/7.1/ceph/haproxy:latest
libpcre2-8-0-10.31-150000.3.7.1
Container ses/7.1/ceph/keepalived:latest
libpcre2-8-0-10.31-150000.3.7.1
Container ses/7.1/cephcsi/cephcsi:latest
libpcre2-8-0-10.31-150000.3.7.1
Container ses/7.1/rook/ceph:latest
libpcre2-8-0-10.31-150000.3.7.1
Container suse/sle-micro-rancher/5.2:latest
libpcre2-8-0-10.31-150000.3.7.1
Container trento/trento-db:latest
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP1-CHOST-BYOS-Azure
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP1-CHOST-BYOS-EC2
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP1-CHOST-BYOS-GCE
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP1-SAPCAL-Azure
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP1-SAPCAL-EC2-HVM
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP1-SAPCAL-GCE
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP2-BYOS-Azure
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP2-BYOS-EC2-HVM
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP2-BYOS-GCE
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP2-CHOST-BYOS-Aliyun
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP2-CHOST-BYOS-Azure
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP2-CHOST-BYOS-EC2
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP2-CHOST-BYOS-GCE
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP2-HPC-BYOS-Azure
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP2-HPC-BYOS-EC2-HVM
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP2-SAP-Azure
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP2-SAP-BYOS-Azure
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP2-SAP-BYOS-EC2-HVM
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP2-SAP-BYOS-GCE
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP2-SAP-EC2-HVM
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP2-SAP-GCE
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-BYOS-Azure
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-BYOS-EC2-HVM
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-BYOS-GCE
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-CHOST-BYOS-Aliyun
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-CHOST-BYOS-Azure
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-CHOST-BYOS-EC2
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-CHOST-BYOS-GCE
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-CHOST-BYOS-SAP-CCloud
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-HPC-BYOS-Azure
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-HPC-BYOS-EC2-HVM
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-HPC-BYOS-GCE
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-Micro-5-1-BYOS-Azure
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-Micro-5-1-BYOS-GCE
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-Micro-5-2-BYOS-Azure
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-Micro-5-2-BYOS-GCE
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-SAP-BYOS-Azure
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-SAP-BYOS-EC2-HVM
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-SAP-BYOS-GCE
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-SAPCAL-Azure
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-SAPCAL-EC2-HVM
libpcre2-8-0-10.31-150000.3.7.1
Image SLES15-SP3-SAPCAL-GCE
libpcre2-8-0-10.31-150000.3.7.1
openSUSE Leap 15.4
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-16-0-32bit-10.31-150000.3.7.1
libpcre2-32-0-10.31-150000.3.7.1
libpcre2-32-0-32bit-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-32bit-10.31-150000.3.7.1
libpcre2-posix2-10.31-150000.3.7.1
libpcre2-posix2-32bit-10.31-150000.3.7.1
pcre2-devel-10.31-150000.3.7.1
pcre2-devel-static-10.31-150000.3.7.1
pcre2-doc-10.31-150000.3.7.1
pcre2-tools-10.31-150000.3.7.1
Ссылки
- Link for SUSE-RU-2022:1883-1
- E-Mail link for SUSE-RU-2022:1883-1
- SUSE Security Ratings
- SUSE Bug 1199232
- SUSE CVE CVE-2022-1586 page
Описание
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.
Затронутые продукты
Container bci/bci-init:15.3:libpcre2-8-0-10.31-150000.3.7.1
Container bci/golang:1.16:libpcre2-8-0-10.31-150000.3.7.1
Container bci/golang:1.17:libpcre2-8-0-10.31-150000.3.7.1
Container bci/golang:latest:libpcre2-8-0-10.31-150000.3.7.1
Ссылки
- CVE-2022-1586
- SUSE Bug 1199232
- SUSE Bug 1203032