From eeb4eee89de8d15427edc7f2c706ca4abb4786a4 Mon Sep 17 00:00:00 2001 From: Aaron Bauman Date: Sat, 9 Jul 2016 11:08:09 +0900 Subject: Add GLSA 201607-02 --- glsa-201607-02.xml | 78 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 78 insertions(+) create mode 100644 glsa-201607-02.xml (limited to 'glsa-201607-02.xml') diff --git a/glsa-201607-02.xml b/glsa-201607-02.xml new file mode 100644 index 00000000..3b1c38fe --- /dev/null +++ b/glsa-201607-02.xml @@ -0,0 +1,78 @@ + + + + libpcre: Multiple Vulnerabilities + Multiple vulnerabilities have been found in libpcre, the worst of + which could lead to arbitrary code execution, or cause a Denial of Service + condition. + + + July 09, 2016 + July 09, 2016: 1 + 529952 + 551240 + 553300 + 570694 + 575546 + remote + + + 8.38-r1 + 8.38-r1 + + + +

libpcre is a library providing functions for Perl-compatible regular + expressions. +

+ + +

Multiple vulnerabilities have been discovered in libpcre. Please review + the CVE identifiers referenced below for details. +

+ + +

An attacker can possibly execute arbitrary code or create a Denial of + Service condition. +

+ + +

There is no known workaround at this time.

+ + +

All libpcre users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-libs/libpcre-8.38-r1" + + + + CVE-2014-8964 + CVE-2014-8964 + CVE-2015-5073 + CVE-2015-5073 + CVE-2015-5073 + CVE-2015-8380 + CVE-2015-8381 + CVE-2015-8383 + CVE-2015-8384 + CVE-2015-8385 + CVE-2015-8386 + CVE-2015-8387 + CVE-2015-8388 + CVE-2015-8389 + CVE-2015-8390 + CVE-2015-8391 + CVE-2015-8392 + CVE-2015-8393 + CVE-2015-8394 + CVE-2015-8395 + CVE-2016-1283 + CVE-2016-1283 + + + BlueKnight + + b-man + -- cgit v1.2.3-65-gdbad