[SECURITY] [DLA 1918-1] libonig security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : libonig
Version : 5.9.5-3.2+deb8u3
CVE ID : CVE-2019-16163
Debian Bug : 939988
The Oniguruma regular expressions library, notably used in PHP
mbstring, is vulnerable to stack exhaustion. A crafted regular
expression can crash the process.
For Debian 8 "Jessie", this problem has been fixed in version
5.9.5-3.2+deb8u3.
We recommend that you upgrade your libonig packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEEQic8GuN/xDR88HkSj/HLbo2JBZ8FAl16EwoACgkQj/HLbo2J
BZ+eJgf+OU8NBd0fwtVEmF2UgU66npBCYlsoO62ZVFXg3NuDo37+c5VKaw8JLxA5
q4/TageYMoBPDOAxb3aMaizPPW3Tcon4eFHaZ1rV6l/4rWTB7jp8ru+BwsdObIoz
TIq4zGXlsYmMTC3S+u8UH1rsYkAANB5q5+Vy85BKuG8HOyxwassxgjmgW1quGfJ/
u8XB6unxSp/SzqZxH5+UFBu2dssP4o1GyNAZjcpf9naTiriyMk/AO1RU+tucRHMo
6USE5gNzFhoCiSQZRzjff2cYqd/88w/AsKq8G2gV1rAs1A0qcXSemFxA9iwD9q4A
39zRUUYSqosIBnv5aeOykQ2YQBVvnA==
=oiDK
-----END PGP SIGNATURE-----
Reply to: