Your submission was sent successfully! Close

USN-173-2: PCRE vulnerability

25 August 2005

PCRE vulnerability

Releases

Details

USN-173-1 fixed a buffer overflow vulnerability in the PCRE library.
However, it was determined that this did not suffice to prevent all
possible overflows, so another update is necessary.

In addition, it was found that the Ubuntu 4.10 version of Apache 2
contains a static copy of the library code, so this package needs to
be updated as well. In Ubuntu 5.04, Apache 2 uses the external library
from the libpcre3 package.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 5.04
  • apache2-mpm-worker -
  • apache2-mpm-perchild -
  • libpcre3 -
  • apache2 -
  • apache2-mpm-prefork -
  • apache2-mpm-threadpool -
Ubuntu 4.10
  • apache2-mpm-worker -
  • apache2-mpm-perchild -
  • libpcre3 -
  • apache2 -
  • apache2-mpm-prefork -
  • apache2-mpm-threadpool -

In general, a standard system update will make all the necessary changes.

References

Related notices