diff options
author | Sona Sarmadi <sona.sarmadi@enea.com> | 2016-03-22 12:48:42 +0100 |
---|---|---|
committer | Tudor Florea <tudor.florea@enea.com> | 2016-03-23 00:21:31 +0100 |
commit | 8aa66d3b1a976786c4f794e76f8386dc7f2667e5 (patch) | |
tree | 0124fec8ddcec5bb2b9907792080acfaeb896b6c /meta/recipes-connectivity/bind/bind_9.9.5.bb | |
parent | bc82af0a6a8e7e9422f452a7106caa257af0b6b6 (diff) | |
download | poky-8aa66d3b1a976786c4f794e76f8386dc7f2667e5.tar.gz |
libpcre: Upgrade to libpcre 8.38
The upgrade (libpcre_8.35 to libpcre_8.38) addresses following vulnerabilities:
CVE-2015-3210 pcre: heap buffer overflow in pcre_compile2() / compile_regex()
CVE-2015-3217 pcre: stack overflow in match()
CVE-2015-5073 CVE-2015-8388 pcre: Buffer overflow caused by certain
patterns with an unmatched closing parenthesis
CVE-2015-8380 pcre: Heap-based buffer overflow in pcre_exec
CVE-2015-8381 pcre: Heap Overflow in compile_regex()
CVE-2015-8383 pcre: Buffer overflow caused by repeated conditional group
CVE-2015-8384 pcre: Buffer overflow caused by recursive back reference
by name within certain group
CVE-2015-8385 pcre: Buffer overflow caused by forward reference by name to certain group
CVE-2015-8386 pcre: Buffer overflow caused by lookbehind assertion
CVE-2015-8387 pcre: Integer overflow in subroutine calls
CVE-2015-8389 pcre: Infinite recursion in JIT compiler when processing certain patterns
CVE-2015-8390 pcre: Reading from uninitialized memory when processing certain patterns
CVE-2015-8392 pcre: Buffer overflow caused by certain patterns with duplicated named groups
CVE-2015-8393 pcre: Information leak when running pcgrep -q on crafted binary
CVE-2015-8394 pcre: Integer overflow caused by missing check for certain conditions
CVE-2015-8395 pcre: Buffer overflow caused by certain references
CVE-2016-1283 pcre: Heap buffer overflow in pcre_compile2 causes DoS
References:
http://www.pcre.org/original/changelog.txt
http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?h=jethro&id=049be17b533d7c592dae8e0f33ddbae54639a776
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Diffstat (limited to 'meta/recipes-connectivity/bind/bind_9.9.5.bb')
0 files changed, 0 insertions, 0 deletions