UbuntuUpdates.org

Package "pcre3"

Name: pcre3

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Old Perl 5 Compatible Regular Expression Library - 16 bit runtime files
  • Old Perl 5 Compatible Regular Expression Library - runtime files
  • Old Perl 5 Compatible Regular Expression Library - debug symbols
  • Old Perl 5 Compatible Regular Expression Library - development files

Latest version: 2:8.39-12ubuntu0.1
Release: focal (20.04)
Level: security
Repository: main

Links



Other versions of "pcre3" in Focal

Repository Area Version
base universe 2:8.39-12build1
base main 2:8.39-12build1
security universe 2:8.39-12ubuntu0.1
updates main 2:8.39-12ubuntu0.1
updates universe 2:8.39-12ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2:8.39-12ubuntu0.1 2022-05-17 16:06:39 UTC

  pcre3 (2:8.39-12ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: buffer over-read in JIT
    - debian/patches/CVE-2019-20838.patch: check if type is not
      extended Unicode parameter or Unicode new line in
      pcre_jit_compile.c.
    - CVE-2019-20838
  * SECURITY UPDATE: integer overflow via a large number
    - debian/patches/CVE-2020-14155.patch: ensure that the number
      is lower than 256 in pcre_compile.c.
    - CVE-2020-14155

 -- David Fernandez Gonzalez <email address hidden> Mon, 16 May 2022 13:25:33 +0200

CVE-2019-20838 libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related
CVE-2020-14155 libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.



About   -   Send Feedback to @ubuntu_updates