USN-624-1: PCRE vulnerability

07-14-2008

Registered User

26,240, 27

Join Date: Sep 2000

Last Activity: 1 August 2008, 3:09 PM EDT

Posts: 26,240

Thanks Given: 0

Thanked 27 Times in 26 Posts

USN-624-1: PCRE vulnerability

Referenced CVEs:
CVE-2008-2371

Description:
=========================================================== Ubuntu Security Notice USN-624-1 July 15, 2008 pcre3 vulnerability CVE-2008-2371 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libpcre3 7.4-0ubuntu0.6.06.3 Ubuntu 7.04: libpcre3 7.4-0ubuntu0.7.04.3 Ubuntu 7.10: libpcre3 7.4-0ubuntu0.7.10.3 Ubuntu 8.04 LTS: libpcre3 7.4-1ubuntu2.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Tavis Ormandy discovered that the PCRE library did not correctly handle certain in-pattern options. An attacker could cause applications linked against pcre3 to crash, leading to a denial of service.

More...

Linux Bot

View Public Profile for Linux Bot

Find all posts by Linux Bot

fpsd(1M) System Administration Commands fpsd(1M) NAME
fpsd - Fp-scrubber daemon SYNOPSIS
/usr/lib/fps/fpsd DESCRIPTION
fpsd is a user-level daemon that periodically runs non-intrusive tests to validate proper functioning of FPU (Floating Point Unit) hardware in the system. A fault management action is initiated by means of fmd(1M), in case an error is detected by the test. EXIT STATUS
The following exit values are returned: 0 Successful completion. non-zero An error occurred. ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Availability |SUNWfsu | +-----------------------------+-----------------------------+ |Interface Stability |Uncommitted | +-----------------------------+-----------------------------+ SEE ALSO
svcs(1), fmd(1M), svcadm(1M), svccfg(1M), attributes(5), smf(5) NOTES
The fpsd service is managed by the service management facility, smf(5), under the service identifier: svc:/system/fpsd:default You can use svccfg(1M) to change the default fpsd behavior: Property Name Type Description ------------- ---- ----------- config/exclude_cpus astring comma delimited list of CPU IDs to be excluded from proactive testing. Administrative actions on this service, such as enabling, disabling, or requesting restart, can be performed using svcadm(1M). The ser- vice's status can be queried using the svcs(1) command. Disabling the service can increase system's vulnerability to silent data corruption, if a fault were to develop in an FPU within the sys- tem. SunOS 5.11 7 Aug 2008 fpsd(1M)

Security Advisories (RSS)

USN-624-1: PCRE vulnerability

LEARN ABOUT OPENSOLARIS

fpsd