Hello community, here is the log from the commit of package pcre for openSUSE:Factory checked in at 2017-08-04 11:56:44 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/pcre (Old) and /work/SRC/openSUSE:Factory/.pcre.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pcre" Fri Aug 4 11:56:44 2017 rev:66 rq:512856 version:8.41 Changes: -------- --- /work/SRC/openSUSE:Factory/pcre/pcre.changes 2017-06-12 15:10:00.466191328 +0200 +++ /work/SRC/openSUSE:Factory/.pcre.new/pcre.changes 2017-08-04 11:56:45.841782233 +0200 @@ -1,0 +2,27 @@ +Tue Jul 25 08:15:58 UTC 2017 - [email protected] + +- pcre 8.41: + * If pcregrep in multiline mode with --only-matching matched + several lines, it restarted scanning at the next line instead + of moving on to the end of the matched string, which can be + several lines after the start. + * Fix a missing else in the JIT compiler reported by 'idaifish'. + CVE-2017-6004 bsc#1025709 + * A (?# style comment is now ignored between a basic quantifier + and a following '+' or '?' (example: /X+(?#comment)?Y/. + * Avoid use of a potentially overflowing buffer in pcregrep + * Fix issues reported by fuzzers in pcretest: + - Check for values < 256 when calling isprint() in pcretest. + - Give an error for too big a number after \O. + * In the 32-bit library in non-UTF mode, an attempt to find a + Unicode property for a character with a code point greater than + 0x10ffff (the Unicode maximum) caused a crash. + CVE-2017-7186 bsc#1030066, CVE-2017-7244 bsc#1030807 + * The alternative matching function, pcre_dfa_exec() misbehaved + if it encountered a character class with a possessive repeat, + for example [a-f]{3}+. + * When pcretest called pcre_copy_substring() in 32-bit mode, it + set the buffer length incorrectly, which could result in buffer + overflow. CVE-2017-7245 bsc#1030805, CVE-2017-7246 bsc#1030803 + +------------------------------------------------------------------- Old: ---- pcre-8.40.tar.bz2 pcre-8.40.tar.bz2.sig New: ---- pcre-8.41.tar.bz2 pcre-8.41.tar.bz2.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pcre.spec ++++++ --- /var/tmp/diff_new_pack.ZgOJF5/_old 2017-08-04 11:56:46.837641672 +0200 +++ /var/tmp/diff_new_pack.ZgOJF5/_new 2017-08-04 11:56:46.841641107 +0200 @@ -17,7 +17,7 @@ Name: pcre -Version: 8.40 +Version: 8.41 Release: 0 Summary: A library for Perl-compatible regular expressions License: BSD-3-Clause @@ -159,7 +159,7 @@ %if %{do_profiling} make %{?_smp_mflags} CFLAGS="%{optflags} %{cflags_profile_generate}" V=1 make %{?_smp_mflags} CFLAGS="%{optflags} %{cflags_profile_generate}" check - make clean + make %{?_smp_mflags} clean make %{?_smp_mflags} CFLAGS="%{optflags} %{cflags_profile_feedback}" V=1 %else make %{?_smp_mflags} CFLAGS="%{optflags}" @@ -185,37 +185,30 @@ %postun -n libpcreposix0 -p /sbin/ldconfig %files -n libpcre1 -%defattr(-,root,root) %doc AUTHORS COPYING ChangeLog LICENCE NEWS README %{_libdir}/libpcre.so.* %files -n libpcre16-0 -%defattr(-,root,root) %{_libdir}/libpcre16.so.* %files -n libpcrecpp0 -%defattr(-,root,root) %{_libdir}/libpcrecpp.so.* %files -n libpcreposix0 -%defattr(-,root,root) %{_libdir}/libpcreposix.so.* %files tools -%defattr(-,root,root) %{_bindir}/pcregrep %{_bindir}/pcretest %{_mandir}/man1/pcregrep.1%{ext_man} %{_mandir}/man1/pcretest.1%{ext_man} %files doc -%defattr(-,root,root) %doc AUTHORS COPYING ChangeLog LICENCE NEWS README %doc doc/html doc/*.txt %doc %{_defaultdocdir}/pcre-doc %files devel -%defattr(-,root,root) %{_bindir}/pcre-config %{_includedir}/* %{_libdir}/*.so @@ -227,7 +220,6 @@ %{_mandir}/man3/pcre*.3*%{ext_man} %files devel-static -%defattr(-,root,root) %{_libdir}/*.a %changelog ++++++ pcre-8.40.tar.bz2 -> pcre-8.41.tar.bz2 ++++++ ++++ 15638 lines of diff (skipped)
