Accepted pcre2 10.32-5+deb10u1 (source) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 16 Mar 2023 01:21:36 +0100
Source: pcre2
Architecture: source
Version: 10.32-5+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Matthew Vernon <matthew@debian.org>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Closes: 1011954
Changes:
pcre2 (10.32-5+deb10u1) buster-security; urgency=high
.
* Non-maintainer upload by the LTS Security Team.
* CVE-2019-20454: Out-of-bounds read when the pattern \X is JIT compiled and
used to match specially crafted subjects in non-UTF mode.
* CVE-2022-1586: Out-of-bounds read involving unicode property matching in
JIT-compiled regular expressions. The issue occurs because the character
was not fully read in case-less matching within JIT. (Closes: #1011954).
* CVE-2022-1587: Out-of-bounds read affecting recursions in JIT-compiled
regular expressions caused by duplicate data transfers. (Closes:
#1011954).
* Subject buffer overread in JIT when UTF is disabled and \X or \R has a
greater than 1 fixed quantifier.
Checksums-Sha1:
8e441840f3e0ffcd3cfa47f44ba68788da136a97 2234 pcre2_10.32-5+deb10u1.dsc
5bfe471f07224c1fac741d426462553f9fc3af84 2169349 pcre2_10.32.orig.tar.gz
0a9c7de96639b820a1427746c3c0266bdc59a493 9691 pcre2_10.32-5+deb10u1.diff.gz
6586ee2ba79255b2159d143f4d059b140754a3e3 7655 pcre2_10.32-5+deb10u1_amd64.buildinfo
Checksums-Sha256:
84b64673e5b8f4d2f2b75e293a151df97020ecc32871961a6dfc30a588f5fc57 2234 pcre2_10.32-5+deb10u1.dsc
9ca9be72e1a04f22be308323caa8c06ebd0c51efe99ee11278186cafbc4fe3af 2169349 pcre2_10.32.orig.tar.gz
1a425dd654d2ffd1e7e3456865a0d0ec2fd04639469a2f73f18138f01df1377b 9691 pcre2_10.32-5+deb10u1.diff.gz
c87cab60a77877489e2c1939052973305dcee20d8dfc117bf5601369121856b9 7655 pcre2_10.32-5+deb10u1_amd64.buildinfo
Files:
a9989eb3586b9d6aaf6a6df0ad14fe3b 2234 libs optional pcre2_10.32-5+deb10u1.dsc
a660db882ff171e6a0de5fb1decd5ff5 2169349 libs optional pcre2_10.32.orig.tar.gz
489d44e5d45cfbbee8a31903602e2c90 9691 libs optional pcre2_10.32-5+deb10u1.diff.gz
6acc2944caccb3657df30f7c0144de83 7655 libs optional pcre2_10.32-5+deb10u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmQScxcACgkQ05pJnDwh
pVJEtRAAriSVvXFOms+BABTve2Xn8REzpEf6vlDcN5j438bzCe2fGg6+4zmMpkqz
Xnx7HGM8sZWouSuc9GILY0LFJw5EhVVC+bgija5b4tdsxv3hF/DcgsQdxietKc73
SYlnRSpXY1dmSw0FGPqrJvsDmVogz28O8sGLLX4zf+C9mrKDkCSsxDqORp2CbTIL
TZltUVogk5ai8KjIjhHnPgMmzezy0n8FJPm6HRIzMr9McKNPzWMOAYapvUH4p5C+
z/z6grepJpNMyHh1AcpvKKRJl2j2V0Uk3MGLy47flR7TYSGJMbGiZf5xAtxCdSm4
lepjuF9x0wWbaQgSTCXtuKoKy1C4SLTa2UgI8K55UGXDfyKD2FGtggPnn9ONceaB
DwJHisbv3gyJOMfXOpkajQfi81lZ2D0DxEi8xSlRRsl6M/xOJcIT8+01Hr5P0mE7
Ap3dZtRhcl2wN8ZMgQAzC1MmxkySNG/eALEcNhUPo8HeSfM5tu8LL3vWsI5fai8b
z2s9ItXzQtUd/jNdupCKd88HKyurenJ0WWXRmm4ilxzWtPDitCXKQG7SRnpBycxP
e4zjZ+DbrriIef/ElIbI/gCiLLEMv0H2EwV6BF72eUltOz4gLF4cIYflEw1sqwid
vNhqQcoyHfKq8LdTzme186m8GJl6YWrQRlwyWBQ821rQpcft8KQ=
=p+U/
-----END PGP SIGNATURE-----
Reply to: