| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | libpcre: Fix CVE-2016-3191 | Ismo Puustinen | 2016-09-23 | 1 | -0/+1 |
| | | | | | | | | | | | | | | | | | Fix workspace overflow for (*ACCEPT) with deeply nested parentheses. The patch is from libpcre version control at http://vcs.pcre.org/pcre?view=revision&revision=1631 with the ChangeLog part removed. Original author is Philip Hazel. (From OE-Core rev: 249cc163e7a16f307e8b94a7b449cd3e93cc6b15) Signed-off-by: Ismo Puustinen <ismo.puustinen@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit 386534f968f4da376ba7778b5d436bad4ce8355b) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> | ||||
| * | libpcre: bug fixes include security | Armin Kuster | 2016-01-30 | 1 | -0/+78 |
| [Yocto # 9008] This is the next patch release for pcre. The 8.xx series now only contains bug fixes. http://www.pcre.org/original/changelog.txt The following security fixes are included: CVE-2015-3210 pcre: heap buffer overflow in pcre_compile2() / compile_regex() CVE-2015-3217 pcre: stack overflow in match() CVE-2015-5073 CVE-2015-8388 pcre: Buffer overflow caused by certain patterns with an unmatched closing parenthesis CVE-2015-8380 pcre: Heap-based buffer overflow in pcre_exec CVE-2015-8381 pcre: Heap Overflow in compile_regex() CVE-2015-8383 pcre: Buffer overflow caused by repeated conditional group CVE-2015-8384 pcre: Buffer overflow caused by recursive back reference by name within certain group CVE-2015-8385 pcre: Buffer overflow caused by forward reference by name to certain group CVE-2015-8386 pcre: Buffer overflow caused by lookbehind assertion CVE-2015-8387 pcre: Integer overflow in subroutine calls CVE-2015-8389 pcre: Infinite recursion in JIT compiler when processing certain patterns CVE-2015-8390 pcre: Reading from uninitialized memory when processing certain patterns CVE-2015-8392 pcre: Buffer overflow caused by certain patterns with duplicated named groups CVE-2015-8393 pcre: Information leak when running pcgrep -q on crafted binary CVE-2015-8394 pcre: Integer overflow caused by missing check for certain conditions CVE-2015-8395 pcre: Buffer overflow caused by certain references CVE-2016-1283 pcre: Heap buffer overflow in pcre_compile2 causes DoS (From OE-Core rev: 3e403cc1bdeefd4f39e54bae2269ca56307e8468) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> | |||||
 |
index : linux/poky.git | |
| Mirror of git.yoctoproject.org/poky | N/A |
| summaryrefslogtreecommitdiffstats |