[pcre-dev] CVE-2017-11164 fixed?

Inizio della pagina
Questo messaggio è parte di questo thread:
Mil thread completo ordinato per data
M 
Petr Pisar at ->
Delete this message
Autore: Thomas Klausner
Data:  
To: pcre-dev
Oggetto: [pcre-dev] CVE-2017-11164 fixed?
Hi!

In 2017 there was a CVE assigned against pcre 8.41:

https://www.openwall.com/lists/oss-security/2017/07/11/3

> In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c
> allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.

I read the Changelogs and the commit messages for the file mentioned,
but I couldn't clearly see if this is fixed or not. Does someone know?
Thomas

Questo messaggio è stato inviato alle seguenti mailing lists:
Pcre-dev
Informazioni sulla Mailing List | Messaggi correlati		<-[pcre-dev] [Bug 2628] RunGrepTest fails on Alpine LinuxRe: [pcre-dev] CVE-2017-11164 fixed?->
Tahini and Hummus and Cumin Development Archives amministrato da cumin AdminsLurker (versione 2.3)