You are here
Home > Preporuke > Ranjivost programskog paketa mingw-pcre

Ranjivost programskog paketa mingw-pcre

  • Detalji os-a: FED
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2014-17624
2014-12-27 08:07:04
——————————————————————————–

Name : mingw-pcre
Product : Fedora 20
Version : 8.33
Release : 4.fc20
URL : http://www.pcre.org/
Summary : MinGW Windows pcre library
Description :
Cross compiled Perl-compatible regular expression library for use with mingw32.

PCRE has its own native API, but a set of “wrapper” functions that are based on
the POSIX API are also supplied in the library libpcreposix. Note that this
just provides a POSIX calling interface to PCRE: the regular expressions
themselves still follow Perl syntax and semantics. The header file
for the POSIX-style functions is called pcreposix.h.

——————————————————————————–
Update Information:

Fix CVE-2014-8964
——————————————————————————–
ChangeLog:

* Thu Dec 25 2014 Yaakov Selkowitz <yselkowi@redhat.com> – 8.33-4
– Add upstream patches from main pcre package
——————————————————————————–
References:

[ 1 ] Bug #1177278 – CVE-2014-8964 mingw-pcre: pcre: incorrect handling of zero-repeat assertion conditions [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1177278
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update mingw-pcre’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

——————————————————————————–
Fedora Update Notification
FEDORA-2014-17642
2014-12-27 08:07:47
——————————————————————————–

Name : mingw-pcre
Product : Fedora 21
Version : 8.35
Release : 1.fc21
URL : http://www.pcre.org/
Summary : MinGW Windows pcre library
Description :
Cross compiled Perl-compatible regular expression library for use with mingw32.

PCRE has its own native API, but a set of “wrapper” functions that are based on
the POSIX API are also supplied in the library libpcreposix. Note that this
just provides a POSIX calling interface to PCRE: the regular expressions
themselves still follow Perl syntax and semantics. The header file
for the POSIX-style functions is called pcreposix.h.

——————————————————————————–
Update Information:

Update to 8.35 and fix CVE-2014-8964
——————————————————————————–
ChangeLog:

* Thu Dec 25 2014 Yaakov Selkowitz <yselkowi@redhat.com> – 8.35-1
– Update to 8.35
– Add upstream patches from main pcre package
——————————————————————————–
References:

[ 1 ] Bug #1177278 – CVE-2014-8964 mingw-pcre: pcre: incorrect handling of zero-repeat assertion conditions [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1177278
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update mingw-pcre’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

——————————————————————————–
Fedora Update Notification
FEDORA-2014-17626
2014-12-27 08:07:08
——————————————————————————–

Name : mingw-pcre
Product : Fedora 19
Version : 8.33
Release : 4.fc19
URL : http://www.pcre.org/
Summary : MinGW Windows pcre library
Description :
Cross compiled Perl-compatible regular expression library for use with mingw32.

PCRE has its own native API, but a set of “wrapper” functions that are based on
the POSIX API are also supplied in the library libpcreposix. Note that this
just provides a POSIX calling interface to PCRE: the regular expressions
themselves still follow Perl syntax and semantics. The header file
for the POSIX-style functions is called pcreposix.h.

——————————————————————————–
Update Information:

Fix CVE-2014-8964
——————————————————————————–
ChangeLog:

* Thu Dec 25 2014 Yaakov Selkowitz <yselkowi@redhat.com> – 8.33-4
– Add upstream patches from main pcre package
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 8.33-3
– Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Jul 11 2013 Erik van Pienbroek <epienbro@fedoraproject.org> – 8.33-2
– Added -static subpackages
* Wed Jul 3 2013 Erik van Pienbroek <epienbro@fedoraproject.org> – 8.33-1
– Update to 8.33
– Added the configure arguments –enable-pcre8 –enable-pcre16 –enable-pcre32
(the pcre16 one is needed by mingw-qt5-qtbase)
– Use a more verbose filelist
——————————————————————————–
References:

[ 1 ] Bug #1177278 – CVE-2014-8964 mingw-pcre: pcre: incorrect handling of zero-repeat assertion conditions [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1177278
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update mingw-pcre’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
7e

AutorTomislav Protega
Cert idNCERT-REF-2015-01-0020-ADV
CveCVE-2014-8964
ID izvornikaFEDORA-2014-17624 FEDORA-2014-17642 FEDORA-2014-17626
Proizvodmingw-pcre
Izvorhttp://www.redhat.com
Top
More in Preporuke
Ranjivost programskog paketa pyxdg

Otkrivena je ranjivost u funkciji xdg.BaseDirectory.get_runtime_dir u python biblioteci pyxdg. Ranjivost lokalnim korisnicima omogućava prepisivanje proizvoljnih datoteka prethodnim kreiranjem direktorija...

Close