Your submission was sent successfully! Close

USN-173-1: PCRE vulnerability

24 August 2005

PCRE vulnerability

Releases

Details

A buffer overflow has been discovered in the PCRE, a widely used
library that provides Perl compatible regular expressions. Specially
crafted regular expressions triggered a buffer overflow. On systems
that accept arbitrary regular expressions from untrusted users, this
could be exploited to execute arbitrary code with the privileges of
the application using the library.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 5.04
  • libpcre3 -
Ubuntu 4.10
  • libpcre3 -

In general, a standard system update will make all the necessary changes.

References

Related notices

  • USN-173-2: libpcre3, apache2-mpm-perchild, apache2-mpm-threadpool, apache2, apache2-mpm-worker, apache2-mpm-prefork
  • USN-173-4: python2.2, python2.1, gnumeric, python2.3