handdator

Visa fullständig version : Nyhetsflöde USN-624-1: PCRE vulnerability



RSSfeed
2008-07-15, 06:49
<div class="field field-type-text field-field-referenced-cves"><div class="field-label">Referenced CVEs:&nbsp;</div><div class="field-items"><div class="field-item">CVE-2008-2371</div></div></div><div class="field field-type-text field-field-description"><div class="field-label">Description:&nbsp;</div><div class="field-items"><div class="field-item"><div class="usn">
================================================== =========
Ubuntu Security Notice USN-624-1 July 15, 2008
pcre3 vulnerability
CVE-2008-2371
================================================== =========

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
libpcre3 7.4-0ubuntu0.6.06.3

Ubuntu 7.04:
libpcre3 7.4-0ubuntu0.7.04.3

Ubuntu 7.10:
libpcre3 7.4-0ubuntu0.7.10.3

Ubuntu 8.04 LTS:
libpcre3 7.4-1ubuntu2.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Tavis Ormandy discovered that the PCRE library did not correctly handle
certain in-pattern options. An attacker could cause applications linked
against pcre3 to crash, leading to a denial of service.
</div></div></div></div>

Mer... (http://www.ubuntu.com/usn/usn-624-1)