Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-581-1: PCRE vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-581-1: PCRE vulnerability
# 1  
Old 02-21-2008
USN-581-1: PCRE vulnerability
Referenced CVEs:
CVE-2008-0674


Description:
=========================================================== Ubuntu Security Notice USN-581-1 February 21, 2008pcre3 vulnerabilityCVE-2008-0674===========================================================A security issue affects the following Ubuntu releases:Ubuntu 6.06 LTSUbuntu 6.10Ubuntu 7.04Ubuntu 7.10This advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 6.06 LTS: libpcre3 7.4-0ubuntu0.6.06.2Ubuntu 6.10: libpcre3 7.4-0ubuntu0.6.10.2Ubuntu 7.04: libpcre3 7.4-0ubuntu0.7.04.2Ubuntu 7.10: libpcre3 7.4-0ubuntu0.7.10.2After a standard system upgrade you need to reboot your computer toeffect the necessary changes.Details follow:It was discovered that PCRE did not correctly handle very long stringscontaining UTF8 sequences. In certain situations, an attacker couldexploit applications linked against PCRE by tricking a user or automatedsystem in processing a malicious regular expression leading to a denialof service or possibly arbitrary code execution.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

pcre-config

PCRE-CONFIG(1)						      General Commands Manual						    PCRE-CONFIG(1)

NAME

       pcre-config - program to return PCRE configuration

SYNOPSIS

       pcre-config [--prefix] [--exec-prefix] [--version] [--libs] [--libs-posix] [--cflags] [--cflags-posix]

DESCRIPTION

       pcre-config returns the configuration of the installed PCRE libraries: the options required to compile a program to use them.

OPTIONS

       --prefix  Writes the directory prefix used in the PCRE installation for architecture independent files (e.g. /usr) to standard output.

       --exec-prefix
		 Writes  the  directory  prefix  used in the PCRE installation for architecture dependent files (normally the same as --prefix) to
		 standard output.

       --version Writes the version of PCRE installed to standard output.

       --libs	 Writes to standard output the command line options required to link with PCRE (e.g. -lpcre).

       --libs-posix
		 Writes to standard output the command line options required to link with the  PCRE  POSIX  emulation  library	(e.g.  -lpcreposix
		 -lpcre).

       --cflags  Writes  to standard output the command line options required to compile files that use PCRE (this often includes some -I options,
		 but is blank on debian systems).

       --cflags-posix
		 Writes to standard output the command line options required to compile files that use the  PCRE  POSIX  emulation  library  (this
		 often includes some -I options, but is blank on debian systems). Suppress printing of filenames when searching multiple files.

       AUTHOR
	      This manual page was written by Mark Baker <mark@mnb.org.uk>, for the Debian GNU/Linux system (but may be used by others).

SEE ALSO

       pcre(3)

																    PCRE-CONFIG(1)