kumquat-buildroot/package/pcre
Bernd Kuhls bc6a84bb3d package/pcre: security bump to version 8.41
Removed patches 0003 & 0004, applied upstream.

Fixes the following security issues:

CVE-2017-7244 - The _pcre32_xclass function in pcre_xclass.c in libpcre1 in
PCRE 8.40 allows remote attackers to cause a denial of service (invalid
memory read) via a crafted file.

CVE-2017-7245 - Stack-based buffer overflow in the pcre32_copy_substring
function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to
cause a denial of service (WRITE of size 4) or possibly have unspecified
other impact via a crafted file.

CVE-2017-7246 - Stack-based buffer overflow in the pcre32_copy_substring
function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to
cause a denial of service (WRITE of size 268) or possibly have unspecified
other impact via a crafted file.

[Peter: add CVE info]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-07-13 22:13:56 +02:00
..
0001-Kill-compatibility-bits.patch
0002-Disable-C-unit-tests.patch
Config.in
pcre.hash package/pcre: security bump to version 8.41 2017-07-13 22:13:56 +02:00
pcre.mk package/pcre: security bump to version 8.41 2017-07-13 22:13:56 +02:00