Thanks for the bug report, Craig. We are aware of the issues fixed in 8.38 but we've prioritized them as 'low' since the issues require software that passes untrusted regexes to PCRE. We don't feel like this is common usage of PCRE.
We track these issues in the Ubuntu CVE Tracker: http://people.canonical.com/~ubuntu-security/cve/pkg/pcre3.html ** Information type changed from Private Security to Public Security ** Package changed: php5 (Ubuntu) => pcre3 (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to php5 in Ubuntu. https://bugs.launchpad.net/bugs/1549609 Title: Stack Corruption in PCRE 8.35 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pcre3/+bug/1549609/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs