USN-581-1: PCRE vulnerability

21 February 2008

PCRE vulnerability




It was discovered that PCRE did not correctly handle very long strings
containing UTF8 sequences. In certain situations, an attacker could
exploit applications linked against PCRE by tricking a user or automated
system in processing a malicious regular expression leading to a denial
of service or possibly arbitrary code execution.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 7.10
Ubuntu 7.04
Ubuntu 6.10
Ubuntu 6.06

After a standard system upgrade you need to reboot your computer to
effect the necessary changes.