Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-624-1: PCRE vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-624-1: PCRE vulnerability
# 1  
Old 07-14-2008
USN-624-1: PCRE vulnerability
Referenced CVEs:
CVE-2008-2371


Description:
=========================================================== Ubuntu Security Notice USN-624-1 July 15, 2008 pcre3 vulnerability CVE-2008-2371 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libpcre3 7.4-0ubuntu0.6.06.3 Ubuntu 7.04: libpcre3 7.4-0ubuntu0.7.04.3 Ubuntu 7.10: libpcre3 7.4-0ubuntu0.7.10.3 Ubuntu 8.04 LTS: libpcre3 7.4-1ubuntu2.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Tavis Ormandy discovered that the PCRE library did not correctly handle certain in-pattern options. An attacker could cause applications linked against pcre3 to crash, leading to a denial of service.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT CENTOS

pcre32_get_substring_list

PCRE_GET_SUBSTRING_LIST(3)				     Library Functions Manual					PCRE_GET_SUBSTRING_LIST(3)

NAME

       PCRE - Perl-compatible regular expressions

SYNOPSIS


       #include <pcre.h>

       int pcre_get_substring_list(const char *subject,
	    int *ovector, int stringcount, const char ***listptr);

       int pcre16_get_substring_list(PCRE_SPTR16 subject,
	    int *ovector, int stringcount, PCRE_SPTR16 **listptr);

       int pcre32_get_substring_list(PCRE_SPTR32 subject,
	    int *ovector, int stringcount, PCRE_SPTR32 **listptr);

DESCRIPTION


       This is a convenience function for extracting a list of all the captured substrings. The arguments are:

	 subject       Subject that has been successfully matched
	 ovector       Offset vector that pcre[16|32]_exec used
	 stringcount   Value returned by pcre[16|32]_exec
	 listptr       Where to put a pointer to the list

       The  memory  in	which  the  substrings	and  the  list	are  placed  is obtained by calling pcre[16|32]_malloc(). The convenience function
       pcre[16|32]_free_substring_list() can be used to free it when it is no longer needed. A pointer to a list of pointers is put in	the  vari-
       able  whose  address  is  in  listptr.  The  list  is  terminated  by  a  NULL  pointer.  The  yield  of the function is zero on success or
       PCRE_ERROR_NOMEMORY if sufficient memory could not be obtained.

       There is a complete description of the PCRE native API in the pcreapi page and a description of the POSIX API in the pcreposix page.

PCRE 8.30							   24 June 2012 					PCRE_GET_SUBSTRING_LIST(3)