** Changed in: pcre3 (Ubuntu) Status: New => Triaged ** Changed in: pcre3 (Ubuntu) Importance: Undecided => Low
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pcre3 in Ubuntu. https://bugs.launchpad.net/bugs/1549609 Title: Stack Corruption in PCRE 8.35 Status in pcre3 package in Ubuntu: Triaged Bug description: Various security issues have been fixed in PCRE since 8.35. Here is an example of using a malicious pattern within the Ubuntu PHP5 package that leads to stack corruption: php5 -r 'preg_match("/(?(1)(()(?1)1)+)/","abcdef", $matches, PREG_OFFSET_CAPTURE);' Loading ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.38.tar.gz with the upgrade-pcre.php script resolves this issue. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pcre3/+bug/1549609/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp