After a bit of research I found out that the commit that fixes CVE-2022-1587 (https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0) is not directly applicable to .39, it needs a compiler update (https://github.com/PCRE2Project/pcre2/commit/dea56d2df94546c23021a42d9395f2333589f01e), this is a very substantial update. Looking at Fedora and Debian they updated the .40 too.
Hope it helps, Davide
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#166306): https://lists.openembedded.org/g/openembedded-core/message/166306 Mute This Topic: https://lists.openembedded.org/mt/91447368/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
