Scientific Linux alert SLSA-2016:1025-1 (pcre) [LWN.net]


From:
    	       Pat Riehecky <riehecky@fnal.gov> 
To:
    	       <scientific-linux-errata@listserv.fnal.gov> 
Subject:
    	       Security ERRATA Important: pcre on SL7.x x86_64 
Date:
    	       Wed, 11 May 2016 15:22:53 +0000
Message-ID:
    	       <20160511152253.32022.94106@slpackages.fnal.gov>
Synopsis:          Important: pcre security update
Advisory ID:       SLSA-2016:1025-1
Issue Date:        2016-05-11
CVE Numbers:       CVE-2015-3217
                   CVE-2015-5073
                   CVE-2015-8388
                   CVE-2015-2328
                   CVE-2015-8385
                   CVE-2015-8386
                   CVE-2015-8391
                   CVE-2016-3191
--

Security Fix(es):

* Multiple flaws were found in the way PCRE handled malformed regular
expressions. An attacker able to make an application using PCRE process a
specially crafted regular expression could use these flaws to cause the
application to crash or, possibly, execute arbitrary code. (CVE-2015-8385,
CVE-2016-3191, CVE-2015-2328, CVE-2015-3217, CVE-2015-5073, CVE-2015-8388,
CVE-2015-8391, CVE-2015-8386)
--

SL7
  x86_64
    pcre-8.32-15.el7_2.1.i686.rpm
    pcre-8.32-15.el7_2.1.x86_64.rpm
    pcre-debuginfo-8.32-15.el7_2.1.i686.rpm
    pcre-debuginfo-8.32-15.el7_2.1.x86_64.rpm
    pcre-devel-8.32-15.el7_2.1.i686.rpm
    pcre-devel-8.32-15.el7_2.1.x86_64.rpm
    pcre-static-8.32-15.el7_2.1.i686.rpm
    pcre-static-8.32-15.el7_2.1.x86_64.rpm
    pcre-tools-8.32-15.el7_2.1.x86_64.rpm

- Scientific Linux Development Team

From:		Pat Riehecky <riehecky@fnal.gov>
To:		<scientific-linux-errata@listserv.fnal.gov>
Subject:		Security ERRATA Important: pcre on SL7.x x86_64
Date:		Wed, 11 May 2016 15:22:53 +0000
Message-ID:		<20160511152253.32022.94106@slpackages.fnal.gov>