Changelog
pcre3 (2:8.35-7.2) unstable; urgency=low
* Non-maintainer upload (with maintainer's permission).
* Add Fix-compiler-crash-misbehaviour-for-zero-repeated-gr.patch.
Fixes "PCRE Library Stack Overflow Vulnerability" (Upstream bug 1503)
* Add Fix-compile-time-loop-for-recursive-reference-within.patch.
Fixes "PCRE Call Stack Overflow Vulnerability" (Upstream bug 1515)
* Add 794589-information-disclosure.patch.
Fixes "pcre_exec does not fill offsets for certain regexps" leading to
information disclosure. (Closes: #794589)
* Add Fix-bad-compile-for-groups-like-2-0-1999.patch.
CVE-2015-2325: heap buffer overflow in compile_branch(). (Closes: #781795)
* Add Fix-bad-compilation-for-patterns-like-1-1-with-forwa.patch.
CVE-2015-2326: heap buffer overflow in pcre_compile2(). (Closes: #783285)
* Add Fix-buffer-overflow-for-named-recursive-back-referen.patch.
CVE-2015-3210: heap buffer overflow in pcre_compile2() /
compile_regex(). (Closes: #787433)
-- Salvatore Bonaccorso <email address hidden> Fri, 11 Sep 2015 20:04:19 +0200