Bug#796281: jessie-pu: package pcre3/2:8.35-3.3+deb8u1

2015-09-18 Thread Adam D. Barratt
Control: tags -1 + pending

On Tue, 2015-09-15 at 23:56 +0200, Moritz Mühlenhoff wrote:
> On Tue, Sep 15, 2015 at 09:16:48PM +0100, Adam D. Barratt wrote:
> > Control: tags -1 -moreinfo +confirmed
> > 
> > On Fri, 2015-09-11 at 20:24 +0200, Moritz Mühlenhoff wrote:
> > > On Fri, Aug 21, 2015 at 03:59:15PM +0100, Adam D. Barratt wrote:
> > > > Control: tags -1 + moreinfo
> > > > 
> > > > On Fri, 2015-08-21 at 01:35 +0200, Moritz Muehlenhoff wrote:
> > > > > This update fixes four minor security issues which don't warrant
> > > > > a DSA. These have been tested in a production setup and were
> > > > > working fine there.
> > > > [...]
> > > > > +  * CVE-2015-2325 CVE-2015-2326 CVE-2015-3210 CVE-2015-5073
> > > > 
> > > > The BTS and Security Tracker indicate that the first three of those
> > > > aren't fixed in unstable yet; is that correct?
> > > 
> > > Now fixed in unstable in 2:8.35-7.2.
> > 
> > Thanks; please feel free to upload.
> 
> Done.

Flagged for acceptance.

Regards,

Adam



Bug#796281: jessie-pu: package pcre3/2:8.35-3.3+deb8u1

2015-09-15 Thread Moritz Mühlenhoff
On Tue, Sep 15, 2015 at 09:16:48PM +0100, Adam D. Barratt wrote:
> Control: tags -1 -moreinfo +confirmed
> 
> On Fri, 2015-09-11 at 20:24 +0200, Moritz Mühlenhoff wrote:
> > On Fri, Aug 21, 2015 at 03:59:15PM +0100, Adam D. Barratt wrote:
> > > Control: tags -1 + moreinfo
> > > 
> > > On Fri, 2015-08-21 at 01:35 +0200, Moritz Muehlenhoff wrote:
> > > > This update fixes four minor security issues which don't warrant
> > > > a DSA. These have been tested in a production setup and were
> > > > working fine there.
> > > [...]
> > > > +  * CVE-2015-2325 CVE-2015-2326 CVE-2015-3210 CVE-2015-5073
> > > 
> > > The BTS and Security Tracker indicate that the first three of those
> > > aren't fixed in unstable yet; is that correct?
> > 
> > Now fixed in unstable in 2:8.35-7.2.
> 
> Thanks; please feel free to upload.

Done.

Cheers,
Moritz



Bug#796281: jessie-pu: package pcre3/2:8.35-3.3+deb8u1

2015-09-15 Thread Adam D. Barratt
Control: tags -1 -moreinfo +confirmed

On Fri, 2015-09-11 at 20:24 +0200, Moritz Mühlenhoff wrote:
> On Fri, Aug 21, 2015 at 03:59:15PM +0100, Adam D. Barratt wrote:
> > Control: tags -1 + moreinfo
> > 
> > On Fri, 2015-08-21 at 01:35 +0200, Moritz Muehlenhoff wrote:
> > > This update fixes four minor security issues which don't warrant
> > > a DSA. These have been tested in a production setup and were
> > > working fine there.
> > [...]
> > > +  * CVE-2015-2325 CVE-2015-2326 CVE-2015-3210 CVE-2015-5073
> > 
> > The BTS and Security Tracker indicate that the first three of those
> > aren't fixed in unstable yet; is that correct?
> 
> Now fixed in unstable in 2:8.35-7.2.

Thanks; please feel free to upload.

Regards,

Adam



Bug#796281: jessie-pu: package pcre3/2:8.35-3.3+deb8u1

2015-09-11 Thread Moritz Mühlenhoff
On Fri, Aug 21, 2015 at 03:59:15PM +0100, Adam D. Barratt wrote:
> Control: tags -1 + moreinfo
> 
> On Fri, 2015-08-21 at 01:35 +0200, Moritz Muehlenhoff wrote:
> > This update fixes four minor security issues which don't warrant
> > a DSA. These have been tested in a production setup and were
> > working fine there.
> [...]
> > +  * CVE-2015-2325 CVE-2015-2326 CVE-2015-3210 CVE-2015-5073
> 
> The BTS and Security Tracker indicate that the first three of those
> aren't fixed in unstable yet; is that correct?

Now fixed in unstable in 2:8.35-7.2.

Cheers,
Moritz



Bug#796281: jessie-pu: package pcre3/2:8.35-3.3+deb8u1

2015-08-28 Thread Julien Cristau
On Fri, Aug 28, 2015 at 07:19:28 +0200, Moritz Mühlenhoff wrote:

> On Fri, Aug 21, 2015 at 03:59:15PM +0100, Adam D. Barratt wrote:
> > Control: tags -1 + moreinfo
> > 
> > On Fri, 2015-08-21 at 01:35 +0200, Moritz Muehlenhoff wrote:
> > > This update fixes four minor security issues which don't warrant
> > > a DSA. These have been tested in a production setup and were
> > > working fine there.
> > [...]
> > > +  * CVE-2015-2325 CVE-2015-2326 CVE-2015-3210 CVE-2015-5073
> > 
> > The BTS and Security Tracker indicate that the first three of those
> > aren't fixed in unstable yet; is that correct?
> 
> No, but these are backports from current upstream and I suppose Matthew
> will simply move to a new upstream version at some point.
> 
We don't like to include fixes in jessie that aren't in sid/stretch.
Please ping again when that's done.

Thanks,
Julien




Bug#796281: jessie-pu: package pcre3/2:8.35-3.3+deb8u1

2015-08-27 Thread Moritz Mühlenhoff
On Fri, Aug 21, 2015 at 03:59:15PM +0100, Adam D. Barratt wrote:
> Control: tags -1 + moreinfo
> 
> On Fri, 2015-08-21 at 01:35 +0200, Moritz Muehlenhoff wrote:
> > This update fixes four minor security issues which don't warrant
> > a DSA. These have been tested in a production setup and were
> > working fine there.
> [...]
> > +  * CVE-2015-2325 CVE-2015-2326 CVE-2015-3210 CVE-2015-5073
> 
> The BTS and Security Tracker indicate that the first three of those
> aren't fixed in unstable yet; is that correct?

No, but these are backports from current upstream and I suppose Matthew
will simply move to a new upstream version at some point.

Cheers,
Moritz



Bug#796281: jessie-pu: package pcre3/2:8.35-3.3+deb8u1

2015-08-21 Thread Adam D. Barratt
Control: tags -1 + moreinfo

On Fri, 2015-08-21 at 01:35 +0200, Moritz Muehlenhoff wrote:
> This update fixes four minor security issues which don't warrant
> a DSA. These have been tested in a production setup and were
> working fine there.
[...]
> +  * CVE-2015-2325 CVE-2015-2326 CVE-2015-3210 CVE-2015-5073

The BTS and Security Tracker indicate that the first three of those
aren't fixed in unstable yet; is that correct?

Regards,

Adam



Bug#796281: jessie-pu: package pcre3/2:8.35-3.3+deb8u1

2015-08-20 Thread Moritz Muehlenhoff
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu

This update fixes four minor security issues which don't warrant
a DSA. These have been tested in a production setup and were
working fine there.

Debdiff below.

Cheers,
Moritz

diff -Nru pcre3-8.35/debian/changelog pcre3-8.35/debian/changelog
--- pcre3-8.35/debian/changelog 2014-12-06 19:58:27.0 +0100
+++ pcre3-8.35/debian/changelog 2015-08-16 13:38:23.0 +0200
@@ -1,3 +1,9 @@
+pcre3 (2:8.35-3.3+deb8u1) jessie; urgency=medium
+
+  * CVE-2015-2325 CVE-2015-2326 CVE-2015-3210 CVE-2015-5073
+
+ -- Moritz Muehlenhoff j...@debian.org  Sun, 16 Aug 2015 11:37:39 +
+
 pcre3 (2:8.35-3.3) unstable; urgency=medium
 
   * Non-maintainer upload.
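Review bot: the changelog entry `+  * CVE-2015-2325 CVE-2015-2326 CVE-2015-3210 CVE-2015-5073` lists bare identifiers only; a stable-update changelog is what users see through apt-listchanges and what the release team reads, so give each CVE a one-line description of the issue it fixes and add `(Closes: #NNNNNN)` for the corresponding Debian bugs where they exist. The timezone on the trailer line (`Sun, 16 Aug 2015 11:37:39 +`) also looks truncated in this copy and should be checked in the actual upload, since a trailer that does not parse as an RFC 2822 date breaks dpkg-parsechangelog.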
diff -Nru 
pcre3-8.35/debian/patches/CVE-2015-2325_CVE-2015-2326_CVE-2015-3210_CVE-2015-5073.patch
 
pcre3-8.35/debian/patches/CVE-2015-2325_CVE-2015-2326_CVE-2015-3210_CVE-2015-5073.patch
--- 
pcre3-8.35/debian/patches/CVE-2015-2325_CVE-2015-2326_CVE-2015-3210_CVE-2015-5073.patch
 1970-01-01 01:00:00.0 +0100
+++ 
pcre3-8.35/debian/patches/CVE-2015-2325_CVE-2015-2326_CVE-2015-3210_CVE-2015-5073.patch
 2015-08-16 13:36:47.0 +0200
@@ -0,0 +1,492 @@
+https://security-tracker.debian.org/tracker/CVE-2015-5073
+https://security-tracker.debian.org/tracker/CVE-2015-3210
+https://security-tracker.debian.org/tracker/CVE-2015-2326
+https://security-tracker.debian.org/tracker/CVE-2015-2325
+
+--- pcre3-8.35.orig/pcre_compile.c
 pcre3-8.35/pcre_compile.c
+@@ -549,6 +549,7 @@ static const char error_texts[] =
+   group name must start with a non-digit\0
+   /* 85 */
+   parentheses are too deeply nested (stack check)\0
++  digits missing in \\x{} or \\o{}\0
+   ;
+ 
+ /* Table to identify digits and hex digits. This is used when compiling
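Review bot: the patch header carries only the four security-tracker URLs and no DEP-3 fields; add `Origin:` lines naming the upstream revisions these hunks were backported from and a short `Description:`, so whoever next touches this package knows which upstream changes are already in. In the `error_texts` hunk, `digits missing in \\x{} or \\o{}\0` is appended after entry 85 and therefore becomes error 86; that is only correct if the matching enumerator is added at the end of the error enum in this same patch and the code that now rejects an empty `\x{}`/`\o{}` raises it, neither of which appears in the portion of the patch visible here.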
+@@ -3936,14 +3937,14 @@ Arguments:
+   adjust the amount by which the group is to be moved
+   utfTRUE in UTF-8 / UTF-16 / UTF-32 mode
+   cd contains pointers to tables etc.
+-  save_hwm   the hwm forward reference pointer at the start of the group
++  save_hwm_offset   the hwm forward reference offset at the start of the group
+ 
+ Returns: nothing
+ */
+ 
+ static void
+ adjust_recurse(pcre_uchar *group, int adjust, BOOL utf, compile_data *cd,
+-  pcre_uchar *save_hwm)
++  size_t save_hwm_offset)
+ {
+ pcre_uchar *ptr = group;
+ 
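Review bot: turning `save_hwm` from a `pcre_uchar *` into a `size_t` offset from `cd->start_workspace` is the right shape of fix, because `expand_workspace()` can reallocate the workspace and leave a saved raw pointer dangling, whereas an offset survives the reallocation. Confirm that every caller of `adjust_recurse()` was converted: a caller still passing the old pointer compiles with only an int-conversion warning from gcc, so grep pcre_compile.c for `save_hwm` without the `_offset` suffix, or build once with `-Werror=int-conversion`, before accepting.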
+@@ -3955,7 +3956,8 @@ while ((ptr = (pcre_uchar *)find_recurse
+   /* See if this recursion is on the forward reference list. If so, adjust the
+   reference. */
+ 
+-  for (hc = save_hwm; hc  cd-hwm; hc += LINK_SIZE)
++  for (hc = (pcre_uchar *)cd-start_workspace + save_hwm_offset; hc  cd-hwm;
++   hc += LINK_SIZE)
+ {
+ offset = (int)GET(hc, 0);
+ if (cd-start_code + offset == ptr + 1)
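Review bot: rebuilding `hc` from `cd->start_workspace + save_hwm_offset` applies the offset in `pcre_uchar` units, which matches how `this_hwm_offset` is derived by pointer subtraction in the later hunk, so the arithmetic is consistent. Note that the comparison and member-access operators in `hc  cd-hwm` have been stripped in this rendering of the debdiff (the loop condition should read `hc < cd->hwm`), so the hunk as reproduced here will not apply; review against the attached debdiff rather than this copy.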
+@@ -4400,7 +4402,7 @@ const pcre_uchar *tempptr;
+ const pcre_uchar *nestptr = NULL;
+ pcre_uchar *previous = NULL;
+ pcre_uchar *previous_callout = NULL;
+-pcre_uchar *save_hwm = NULL;
++size_t save_hwm_offset = 0;
+ pcre_uint8 classbits[32];
+ 
+ /* We can fish out the UTF-8 setting once and for all into a BOOL, but we
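Review bot: `save_hwm` was initialised to `NULL`, but `save_hwm_offset` is initialised to `0`, which is a valid offset (the start of the workspace) rather than a sentinel. If anything in this function tests `save_hwm` against `NULL` before passing it on, that test has no equivalent after this change; the hunks shown here contain no such check, but the full function should be confirmed before upload.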
+@@ -5912,7 +5914,7 @@ for (;; ptr++)
+ if (repeat_max = 1)/* Covers 0, 1, and unlimited */
+   {
+   *code = OP_END;
+-  adjust_recurse(previous, 1, utf, cd, save_hwm);
++  adjust_recurse(previous, 1, utf, cd, save_hwm_offset);
+   memmove(previous + 1, previous, IN_UCHARS(len));
+   code++;
+   if (repeat_max == 0)
+@@ -5936,7 +5938,7 @@ for (;; ptr++)
+   {
+   int offset;
+   *code = OP_END;
+-  adjust_recurse(previous, 2 + LINK_SIZE, utf, cd, save_hwm);
++  adjust_recurse(previous, 2 + LINK_SIZE, utf, cd, save_hwm_offset);
+   memmove(previous + 2 + LINK_SIZE, previous, IN_UCHARS(len));
+   code += 2 + LINK_SIZE;
+   *previous++ = OP_BRAZERO + repeat_type;
+@@ -5999,26 +6001,25 @@ for (;; ptr++)
+ for (i = 1; i  repeat_min; i++)
+   {
+   pcre_uchar *hc;
+-  pcre_uchar *this_hwm = cd-hwm;
++  size_t this_hwm_offset = cd-hwm - cd-start_workspace;
+   memcpy(code, previous, IN_UCHARS(len));
+ 
+   while (cd-hwm  cd-start_workspace + cd-workspace_size -
+- WORK_SIZE_SAFETY_MARGIN - (this_hwm - save_hwm))
++ WORK_SIZE_SAFETY_MARGIN -
++ (this_hwm_offset - save_hwm_offset))
+ {
+-int save_offset = save_hwm - cd-start_workspace;
+-int this_offset = this_hwm - cd-start_workspace;
+ *errorcodeptr = expand_workspace(cd);
+ if (*errorcodeptr != 0) goto FAILED;
+-save_hwm = (pcre_uchar *)cd-start_workspace + save_offset;
+-this_hwm = (pcre_uchar *)cd-start_workspace + this_offset;
+ }
+ 
+-  for (hc = save_hwm;
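Review bot: dropping the `save_offset`/`this_offset` rebasing after `expand_workspace(cd)` is correct only because both values are now offsets and no longer need rebasing after a reallocation; the safety-margin expression `(this_hwm_offset - save_hwm_offset)` keeps the same units as the old pointer difference. The hunk is cut off here at `+-  for (hc = save_hwm;`, so the replacement loop must be checked in the full debdiff to confirm it rebuilds `hc` from `cd->start_workspace + save_hwm_offset` in the same way the `adjust_recurse` hunk does.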