An invalid memory read flaw was found in PCRE. An attacker could use a crafted file that, when processed by PCRE, would crash the application using the PCRE library.
Created pcre tracking bugs for this issue: Affects: fedora-all [bug 1437365]
External References: https://blogs.gentoo.org/ago/2017/03/20/libpcre-invalid-memory-read-in-_pcre32_xclass-pcre_xclass-c/
The Gentoo developer reported it to the upstream at <https://bugs.exim.org/show_bug.cgi?id=2054> which turns to be a duplicate of <https://bugs.exim.org/show_bug.cgi?id=2052> that was fixed by upstream in SVN revision 1688 with this commit: commit 8037f71d03b3cd8919248f38448a0a2d3715c18c Author: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15> Date: Fri Feb 24 17:30:30 2017 +0000 Fix Unicode property crash for 32-bit characters greater than 0x10ffff. git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1688 2f5784b3-3f2a-0410-8824- cb99058d5e15
Created glib2 tracking bugs for this issue: Affects: fedora-all [bug 1437484] Created mingw-glib2 tracking bugs for this issue: Affects: epel-7 [bug 1437486] Affects: fedora-all [bug 1437487] Created mingw-pcre tracking bugs for this issue: Affects: epel-7 [bug 1437483] Affects: fedora-all [bug 1437485]
This issue has been addressed in the following products: Red Hat JBoss Core Services Via RHSA-2018:2486 https://access.redhat.com/errata/RHSA-2018:2486