[SECURITY] [DLA 441-1] pcre3 security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : pcre3
Version : 8.02-1.1+deb6u1
Debian Bug : 815921
HP's Zero Day Initiative has identified a vulnerability affecting the
pcre3 package. It was assigned ZDI id ZDI-CAN-3542. A CVE identifier has
not been assigned yet.
PCRE Regular Expression Compilation Stack Buffer Overflow Remote Code
Execution Vulnerability.
PCRE did not validate that handling the (*ACCEPT) verb will occur within
the bounds of the cworkspace stack buffer, leading to a stack buffer
overflow.
For Debian 6 "Squeeze", these problems have been fixed in version
8.02-1.1+deb6u1.
We recommend that you upgrade your pcre3 packages.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQJ8BAEBCgBmBQJW1EoTXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE
OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkyIIQALXVcVfIppUJJk/maYTs2/i4
yS0KfnhHnaXXaE1Bfmk4bgQvLKehBgE2WGCQUz2WzCWS8P69HKJviPDlS8VnwZxg
7B9l5FUfX8G+eiQcrQWBv+cF5eKijFphqdm69i2aENEC4R1+PQeYOuuOBR0h8ysQ
ZdCuRmEPeIfCD0D18OjJ+oF0yJbtcS6pVGto+272P1rsZhY7TZJo2hcgfPxYjTNC
u02sOkd6rXoiANFKkBmJ71qQCt1ftwgWJ4PyPUZVaHmdpyLADDM5KLn2EASaEte9
1LZgIMUfDILdh/L4SU+S7C+Pp93Xl0A6F6jmbOTTBDwYZcH3ht/2Ff1eb27XSu3t
VOHmCYswQSTGAjP4LiOKe3XGbof7LfdWBehdL1O1642SQtGl0YtjhKAizR0NBIOw
gXi0L3NzTC0rLEd78X2SfHV57HHeqUF/BnFXNJe6ELG+xn08c7BmaYpaAE0hGYYK
jdxpnPrh5RR/dKBAyZV8wGfwAZ6ArahQkWvUm65FaNeK1AQnm6ZmoeQf/cP8XV/t
LNO8RPDaQB/1kT8Rmba+U0S/kupWP/iIBt3RuJG6vV5zDJQc1v0lKCSIp0APPAY3
Ih4RZJJy/rWSdoMwDnrYNISSokJXCa+7VODJJbhfhr12PHePCX8iDuhI5g0RHhgT
wbiG+gwbVoNnmBNHhcH6
=UNG2
-----END PGP SIGNATURE-----
Reply to: