Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock
Hi
(Know this is somewhere in a thread already, but wanted to make an
explicit unblock request, Cyril Brulebois X-Debbugs-CC'ed):
Please unblock package pcre3
The upload fixes CVE-2017-7186: invalid Unicode property lookup may
cause denial of service (Closes: #858238)
unblock pcre3/2:8.39-3
Thanks to the whole team for your hard work on the release!
Regards,
Salvatore
diff -Nru pcre3-8.39/debian/changelog pcre3-8.39/debian/changelog
--- pcre3-8.39/debian/changelog 2017-02-17 15:56:09.000000000 +0100
+++ pcre3-8.39/debian/changelog 2017-03-21 23:03:19.000000000 +0100
@@ -1,3 +1,10 @@
+pcre3 (2:8.39-3) unstable; urgency=high
+
+ * CVE-2017-7186: invalid Unicode property lookup may cause denial of
+ service (Closes: #858238)
+
+ -- Matthew Vernon <matt...@debian.org> Tue, 21 Mar 2017 22:03:19 +0000
+
pcre3 (2:8.39-2.1) unstable; urgency=high
* Non-maintainer upload.
diff -Nru pcre3-8.39/debian/patches/series pcre3-8.39/debian/patches/series
--- pcre3-8.39/debian/patches/series 2017-02-17 15:56:09.000000000 +0100
+++ pcre3-8.39/debian/patches/series 2017-03-21 23:04:04.000000000 +0100
@@ -6,3 +6,4 @@
no_jit_x32_powerpcspe.patch
Disable_JIT_on_sparc64.patch
CVE-2017-6004.patch
+upstream-fix-for-cve-2017-7186-upstream-
diff -Nru pcre3-8.39/debian/patches/upstream-fix-for-cve-2017-7186-upstream-
pcre3-8.39/debian/patches/upstream-fix-for-cve-2017-7186-upstream-
--- pcre3-8.39/debian/patches/upstream-fix-for-cve-2017-7186-upstream-
1970-01-01 01:00:00.000000000 +0100
+++ pcre3-8.39/debian/patches/upstream-fix-for-cve-2017-7186-upstream-
2017-03-21 23:04:04.000000000 +0100
@@ -0,0 +1,59 @@
+Description: Upstream fix for CVE-2017-7186 (Upstream rev 1688)
+ Fix Unicode property crash for 32-bit characters greater than 0x10ffff.
+Author: Matthew Vernon <matt...@debian.org>
+X-Dgit-Generated: 2:8.39-3 c4c2c7c4f74d53b263af2471d8e11db88096bd13
+
+---
+
+--- pcre3-8.39.orig/pcre_internal.h
++++ pcre3-8.39/pcre_internal.h
+@@ -2772,6 +2772,9 @@ extern const pcre_uint8 PRIV(ucd_stage1
+ extern const pcre_uint16 PRIV(ucd_stage2)[];
+ extern const pcre_uint32 PRIV(ucp_gentype)[];
+ extern const pcre_uint32 PRIV(ucp_gbtable)[];
++#ifdef COMPILE_PCRE32
++extern const ucd_record PRIV(dummy_ucd_record)[];
++#endif
+ #ifdef SUPPORT_JIT
+ extern const int PRIV(ucp_typerange)[];
+ #endif
+@@ -2780,9 +2783,15 @@ extern const int PRIV(ucp_typera
+ /* UCD access macros */
+
+ #define UCD_BLOCK_SIZE 128
+-#define GET_UCD(ch) (PRIV(ucd_records) + \
++#define REAL_GET_UCD(ch) (PRIV(ucd_records) + \
+ PRIV(ucd_stage2)[PRIV(ucd_stage1)[(int)(ch) / UCD_BLOCK_SIZE] * \
+ UCD_BLOCK_SIZE + (int)(ch) % UCD_BLOCK_SIZE])
++
++#ifdef COMPILE_PCRE32
++#define GET_UCD(ch) ((ch > 0x10ffff)? PRIV(dummy_ucd_record) :
REAL_GET_UCD(ch))
++#else
++#define GET_UCD(ch) REAL_GET_UCD(ch)
++#endif
+
+ #define UCD_CHARTYPE(ch) GET_UCD(ch)->chartype
+ #define UCD_SCRIPT(ch) GET_UCD(ch)->script
+--- pcre3-8.39.orig/pcre_ucd.c
++++ pcre3-8.39/pcre_ucd.c
+@@ -38,6 +38,20 @@ const pcre_uint16 PRIV(ucd_stage2)[] = {
+ const pcre_uint32 PRIV(ucd_caseless_sets)[] = {0};
+ #else
+
++/* If the 32-bit library is run in non-32-bit mode, character values
++greater than 0x10ffff may be encountered. For these we set up a
++special record. */
++
++#ifdef COMPILE_PCRE32
++const ucd_record PRIV(dummy_ucd_record)[] = {{
++ ucp_Common, /* script */
++ ucp_Cn, /* type unassigned */
++ ucp_gbOther, /* grapheme break property */
++ 0, /* case set */
++ 0, /* other case */
++ }};
++#endif
++
+ /* When recompiling tables with a new Unicode version, please check the
+ types in this structure definition from pcre_internal.h (the actual
+ field names will be different):
