Thanks for the bug report, Craig. We are aware of the issues fixed in 8.38 but we've prioritized them as 'low' since the issues require software that passes untrusted regexes to PCRE. We don't feel like this is common usage of PCRE.
We track these issues in the Ubuntu CVE Tracker: http://people.canonical.com/~ubuntu-security/cve/pkg/pcre3.html ** Information type changed from Private Security to Public Security ** Package changed: php5 (Ubuntu) => pcre3 (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1549609 Title: Stack Corruption in PCRE 8.35 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pcre3/+bug/1549609/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
