UbuntuUpdates.org

Package "libpcre16-3"

Name: libpcre16-3

Description:

Old Perl 5 Compatible Regular Expression Library - 16 bit runtime files

Latest version: 2:8.39-9ubuntu0.1
Release: bionic (18.04)
Level: security
Repository: main
Head package: pcre3

Links


Download "libpcre16-3"


Other versions of "libpcre16-3" in Bionic

Repository Area Version
base main 2:8.39-9
updates main 2:8.39-9ubuntu0.1

Changelog

Version: 2:8.39-9ubuntu0.1 2022-05-17 16:06:33 UTC

  pcre3 (2:8.39-9ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: buffer over-read in JIT
    - debian/patches/CVE-2019-20838.patch: check if type is not
      extended Unicode parameter or Unicode new line in
      pcre_jit_compile.c.
    - CVE-2019-20838
  * SECURITY UPDATE: integer overflow via a large number
    - debian/patches/CVE-2020-14155.patch: ensure that the number
      is lower than 256 in pcre_compile.c.
    - CVE-2020-14155

 -- David Fernandez Gonzalez <email address hidden> Tue, 17 May 2022 09:42:45 +0200

CVE-2019-20838 libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related
CVE-2020-14155 libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.



About   -   Send Feedback to @ubuntu_updates