Bug 1287671 (CVE-2015-8391)
| Field | Value | Field | Value |
|---|---|---|---|
| Summary: | CVE-2015-8391 pcre: inefficient posix character class syntax check (8.38/16) | | |
| Product: | [Other] Security Response | Reporter: | Adam Mariš <amaris> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | | |
| Version: | unspecified | CC: | adam.stokes, andrew, carnil, erik-fedora, jgrulich, jorton, lkundrak, mclasen, mmaslano, pmyers, ppisar, rcollet, rmeggins, sardella, slawomir, walters, webstack-team, yozone |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | | | |
| Fixed In Version: | pcre 8.38 | Doc Type: | Bug Fix |
| Doc Text: | | Story Points: | --- |
| Clone Of: | | Environment: | |
| Last Closed: | 2016-11-15 13:41:19 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | | Category: | --- |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | | | |
| Bug Depends On: | 1287672, 1287673, 1287674, 1287675, 1330455, 1330456, 1330508, 1330509 | | |
| Bug Blocks: | 1287727 | | |
Description
Adam Mariš, 2015-12-02 13:43:52 UTC

Created pcre tracking bugs for this issue:
Affects: fedora-all [bug 1287672]

Created glib2 tracking bugs for this issue:
Affects: fedora-all [bug 1287674]

Created mingw-pcre tracking bugs for this issue:
Affects: fedora-all [bug 1287673]
Affects: epel-7 [bug 1287675]

Corresponds to item 23 in http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup

Fixed in upstream with:

commit 485a930d11bfd1ba8c292fe14976f0a3e12c2b93
Author: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15>
Date: Tue Jul 21 13:47:22 2015 +0000

Fix "run for ever" bug for deeply nested [: sequences.

git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1579 2f5784b3-3f2a-0410-8824-cb99058d5e15

Reproducer is to pass `[[[.\xe8Nq\xffq\xff\xe0\x2|||::Nq\xffq\xff\xe0\x6\x2|||::[[[:[::::::[[[[[::::::::[:[[[:[:::[[[[[[[[[[[[:::::::::::::::::[[.\xe8Nq\xffq\xff\xe0\x2|||::Nq\xffq\xff\xe0\x6\x2|||::[[[:[::::::[[[[[::::::::[:[[[:[:::[[[[[[[[[[[[[[:::E[[[:[:[[:[:::[[:::E[[[:[:[[:'[:::::E[[[:[::::::[[[:[[[[[[[::E[[[:[::::::[[[:[[[[[[[[:[[::[::::[[:::::::[[:[[[[[[[:[[::[:[[:[~` to pcretest.

pcre-8.38-1.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.

(In reply to Petr Pisar from comment #5)
> Fixed in upstream with:
>
> commit 485a930d11bfd1ba8c292fe14976f0a3e12c2b93
> Author: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15>
> Date: Tue Jul 21 13:47:22 2015 +0000
>
> Fix "run for ever" bug for deeply nested [: sequences.

Upstream commit link: http://vcs.pcre.org/pcre?view=revision&revision=1579

(In reply to Petr Pisar from comment #6)
> Reproducer is to pass

A cleaner test case is this pattern:

`/[:[:[:[:[:[:[:[:[:[:[:[:[:[:[:[:[:[:[:[:[:[:[:[:[:[:[:[:[:[:/`

It should run long enough to make the problem visible and still not too long. Add or remove a few '[:' to make it run longer or shorter.

This problem was introduced in version 8.13, when the check_posix_syntax() function was modified to call itself recursively:

http://vcs.pcre.org/pcre?view=revision&revision=640
https://bugs.exim.org/show_bug.cgi?id=1123

This issue has been addressed in the following products:

- Red Hat Enterprise Linux 7

Via RHSA-2016:1025 https://rhn.redhat.com/errata/RHSA-2016-1025.html

This issue has been addressed in the following products:

- Red Hat Software Collections for Red Hat Enterprise Linux 7.1 EUS
- Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS
- Red Hat Software Collections for Red Hat Enterprise Linux 7
- Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS
- Red Hat Software Collections for Red Hat Enterprise Linux 6
- Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS

Via RHSA-2016:1132 https://access.redhat.com/errata/RHSA-2016:1132

This issue has been addressed in the following products:

- Red Hat Software Collections for Red Hat Enterprise Linux 6
- Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS
- Red Hat Software Collections for Red Hat Enterprise Linux 7
- Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS
- Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS

Via RHSA-2016:2750 https://rhn.redhat.com/errata/RHSA-2016-2750.html
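As an added example that is not part of the bug report or of PCRE itself: a pre-filter an application can run on untrusted patterns before handing them to pcre_compile() on a build older than 8.38, refusing patterns that carry a pile of unterminated `[:`, `[.` or `[=` openers, the nested construct the recursive check_posix_syntax() scans so slowly. The function names, the threshold of 4 and the sample patterns are assumptions made here; the only real remedy is the 8.38 update.

```c
/* Added example, not code from the bug report or from PCRE: a pre-filter
 * that refuses to hand a pattern to an unpatched PCRE (before 8.38) when
 * it carries many unterminated POSIX-class openers ("[:", "[." or "[="),
 * the nested "[:" construct that CVE-2015-8391 makes expensive to check.
 * The threshold is an assumption, not a PCRE value; upgrading is the fix. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Number of "[:", "[." or "[=" openers in the pattern that have no matching
 * ":]", ".]" or "=]" anywhere after them.  A backslash-escaped character is
 * skipped, so "\[:" does not count as an opener. */
size_t unterminated_posix_openers(const char *p)
{
    size_t unterminated = 0;
    for (size_t i = 0; p[i] != '\0'; i++) {
        if (p[i] == '\\' && p[i + 1] != '\0') { i++; continue; } /* skip escaped char */
        if (p[i] == '[' && (p[i + 1] == ':' || p[i + 1] == '.' || p[i + 1] == '=')) {
            char term[3] = { p[i + 1], ']', '\0' };   /* e.g. ":]" */
            if (strstr(p + i + 2, term) == NULL)
                unterminated++;
        }
    }
    return unterminated;
}

/* True if the pattern may be passed to pcre_compile().  Real-world patterns
 * almost never contain even one unterminated "[:", so a small allowance is
 * tolerated and a pile of them is refused before PCRE ever sees it. */
bool safe_to_compile(const char *pattern, size_t max_unterminated)
{
    return unterminated_posix_openers(pattern) <= max_unterminated;
}

int main(void)
{
    /* Constructed inputs.  "hostile" has the shape of the cleaner test case
     * from the bug discussion: a run of "[:" openers with no terminator. */
    const char *benign = "^[[:alpha:]_][[:alnum:]_]*$";
    char hostile[61];
    for (int i = 0; i < 30; i++) memcpy(hostile + 2 * i, "[:", 2);
    hostile[60] = '\0';
    printf("%s -> %s\n", benign, safe_to_compile(benign, 4) ? "ok" : "rejected");
    printf("%.12s... -> %s\n", hostile, safe_to_compile(hostile, 4) ? "ok" : "rejected");
    return 0;
}
```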