Red Hat Bugzilla – Bug 392891
CVE-2007-4766: pcre < 7.3 integer overflows
Last modified: 2016-03-04 07:42:15 EST
"Multiple integer overflows in Perl-Compatible Regular Expression (PCRE) library
before 7.3 allow context-dependent attackers to cause a denial of service
(crash) or execute arbitrary code via unspecified escape (backslash) sequences."
F7 ships pcre 7.0.
pcre-7.3-3.fc7 has been submitted as an update for Fedora 7
pcre-7.3-3.fc7 has been pushed to the Fedora 7 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
su -c 'yum --enablerepo=updates-testing update pcre'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F7/FEDORA-2008-1842
pcre-7.3-3.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.