Bug 815214 - ovector buffer overflow in pcre_exec if back-references are greater then ovector and they are not used
ovector buffer overflow in pcre_exec if back-references are greater then ovec...
Product: Fedora
Classification: Fedora
Component: pcre (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Petr Pisar
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2012-04-23 02:52 EDT by Petr Pisar
Modified: 2012-05-26 02:48 EDT (History)
3 users (show)

See Also:
Fixed In Version: pcre-8.30-5.fc18
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 815281 (view as bug list)
Last Closed: 2012-05-26 02:48:57 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Petr Pisar 2012-04-23 02:52:53 EDT
There is a buffer overflow (http://bugs.exim.org/show_bug.cgi?id=1236) in
pcre >= 8.13, fixed in upstream:

r963 | ph10 | 2012-04-21 20:06:31 +0200 (So, 21 dub 2012) | 3 lines
Fix ovector overrun when backreferences need temporary memory and the highest 
block is not used.

F18--17 are affected, older Fedoras are clean.
Comment 1 Petr Pisar 2012-04-23 04:03:52 EDT
Fixed as pcre-8.30-5.fc18 in F18.
Comment 2 Fedora Update System 2012-04-23 04:52:03 EDT
pcre-8.21-5.fc17 has been submitted as an update for Fedora 17.
Comment 3 Fedora Update System 2012-04-23 23:16:05 EDT
Package pcre-8.21-5.fc17:
* should fix your issue,
* was pushed to the Fedora 17 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing pcre-8.21-5.fc17'
as soon as you are able to.
Please go to the following url:
then log in and leave karma (feedback).
Comment 4 Fedora Update System 2012-05-26 02:48:57 EDT
pcre-8.21-5.fc17 has been pushed to the Fedora 17 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.