Sicherheit: Denial of Service in PCRE
Aktuelle Meldungen Distributionen
Name: Denial of Service in PCRE
ID: FEDORA-2017-2c4ddb3ca2
Distribution: Fedora
Plattformen: Fedora 24
Datum: Mi, 26. April 2017, 23:03
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7186
Applikationen: PCRE



Fedora Update Notification
2017-04-26 13:59:41.364410

Name : pcre2
Product : Fedora 24
Version : 10.21
Release : 18.fc24
URL : http://www.pcre.org/
Summary : Perl-compatible regular expression library
Description :
PCRE2 is a re-working of the original PCRE (Perl-compatible regular
expression) library to provide an entirely new API.

PCRE2 is written in C, and it has its own API. There are three sets of
functions, one for the 8-bit library, which processes strings of bytes, one
for the 16-bit library, which processes strings of 16-bit values, and one for
the 32-bit library, which processes strings of 32-bit values. There are no C++

The distribution does contain a set of C wrapper functions for the 8-bit
library that are based on the POSIX regular expression API (see the pcre2posix
man page). These can be found in a library called libpcre2posix. Note that
this just provides a POSIX calling interface to PCRE2; the regular expressions
themselves still follow Perl syntax and semantics. The POSIX API is
restricted, and does not give full access to all of PCRE2's facilities.


Update Information:

This release fixes a crash when finding a Unicode property for a character
a code point greater than 0x10ffff in UTF-32 library while UTF mode is
and JIT mode is enabled. It also fixes an incortect cast in UTF validation


[ 1 ] Bug #1434504 - CVE-2017-7186 pcre: Invalid Unicode property lookup
(8.41/7, 10.24/2)

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade pcre2' at the command line.
For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux @Facebook
Neue Nachrichten