Bug 315871 (CVE-2007-1659)

Summary: CVE-2007-1659 pcre regular expression flaws
Product: [Other] Security Response Reporter: Josh Bressers <bressers>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: azelinka, kreilly, omoris, than
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: 7.3-3.fc7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-03-06 16:36:45 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 315951, 315961, 378401, 378411, 380511, 380521, 411731, 413871, 414271    
Bug Blocks: 307451    

Description Josh Bressers 2007-10-02 19:32:47 UTC 
Tavis Ormandy of the Google Security Team reported multiple pcre regular
expressions flaws.  Here are the details pasted from Tavis' mail:

CVE-2007-1659:
unmatched \Q\E sequences with orphan \E codes can cause the compiled
regex to become desynchronized, resulting in corrupt bytecode that may
result in multiple exploitable conditions. This was inadvertently
fixed by the pcre maintainer in version 7.0, however another case of a
lone \E inside a character class remained, this has been fixed in 7.3

Acknowledgements:

Red Hat would like to thank Tavis Ormandy and Will Drewry for properly disclosing these issues.
Comment 6 Josh Bressers 2007-11-05 15:57:51 UTC 
Lifting embargo
Comment 11 Red Hat Product Security 2008-01-14 13:36:03 UTC 
This issue was addressed in:

Red Hat Enterprise Linux:
  http://rhn.redhat.com/errata/RHSA-2007-0967.html
  http://rhn.redhat.com/errata/RHSA-2007-1068.html
Comment 12 Fedora Update System 2008-02-15 16:34:32 UTC 
pcre-7.3-3.fc7 has been submitted as an update for Fedora 7
Comment 13 Fedora Update System 2008-03-06 16:36:21 UTC 
pcre-7.3-3.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.