UbuntuUpdates.org

Package "pcre3"

Name: pcre3

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Old Perl 5 Compatible Regular Expression Library - 16 bit runtime files
  • Old Perl 5 Compatible Regular Expression Library - runtime files
  • Old Perl 5 Compatible Regular Expression Library - debug symbols
  • Old Perl 5 Compatible Regular Expression Library - development files
Latest version: 2:8.39-9ubuntu0.1
Release: bionic (18.04)
Level: updates
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "pcre3" in Bionic

Repository Area Version
base main 2:8.39-9
base universe 2:8.39-9
security main 2:8.39-9ubuntu0.1
security universe 2:8.39-9ubuntu0.1
updates universe 2:8.39-9ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2:8.39-9ubuntu0.1 2022-05-17 17:06:19 UTC

  pcre3 (2:8.39-9ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: buffer over-read in JIT
    - debian/patches/CVE-2019-20838.patch: check if type is not
      extended Unicode parameter or Unicode new line in
      pcre_jit_compile.c.
    - CVE-2019-20838
  * SECURITY UPDATE: integer overflow via a large number
    - debian/patches/CVE-2020-14155.patch: ensure that the number
      is lower than 256 in pcre_compile.c.
    - CVE-2020-14155

 -- David Fernandez Gonzalez <email address hidden> Tue, 17 May 2022 09:42:45 +0200
CVE-2019-20838 libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related
CVE-2020-14155 libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.


About   -   Send Feedback to @ubuntu_updates