This bug was fixed in the package erlang - 1:13.b.1-dfsg-2ubuntu1.1
---------------
erlang (1:13.b.1-dfsg-2ubuntu1.1) karmic-security; urgency=low
* SECURITY UPDATE: denial of service via Heap-based buffer overflow in
pcre_compile.c in the Perl-Compatible Regular Expression (PCRE)
library (LP: #535090)
- CVE-2008-2371
- debian/patches/pcre-crash.patch is cherrypicked from upstream commit
http://github.com/erlang/otp/commit/bb6370a2. The hunk for the
testsuite does not apply cleanly and is not needed for the fix so was
stripped. This fix is part of the current upstream OTP release R13B04.
-- Ralf Doering <[email protected]> Fri, 12 Mar 2010 09:40:49 +0100
** Changed in: erlang (Ubuntu Karmic)
Status: Fix Committed => Fix Released
--
CVE-2008-2371 (outer level option with alternatives caused crash)
https://bugs.launchpad.net/bugs/535090
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
