Package: pcre3 / 2:8.35-3.3+deb8u4

Metadata

Package Version Patches format
pcre3 2:8.35-3.3+deb8u4 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
PCRE6_compatible_API.patch | (download)

pcrecpp.cc | 6 6 + 0 - 0 !
pcrecpp.h | 2 2 + 0 - 0 !
pcretest.c | 2 1 + 1 - 0 !
3 files changed, 9 insertions(+), 1 deletion(-)

 include old interface to re::init() for pcre 6.x compatibility


pcreposix.patch | (download)

pcreposix.h | 13 9 + 4 - 0 !
1 file changed, 9 insertions(+), 4 deletions(-)

 fix pcre posix interface otherwise libc regexes are used (bug 22525)

pcre_info.patch | (download)

Makefile.am | 3 2 + 1 - 0 !
Makefile.in | 81 43 + 38 - 0 !
pcre_info.c | 90 90 + 0 - 0 !
3 files changed, 135 insertions(+), 39 deletions(-)

 restore obsolete pcre_info() api for compatiblity


pcregrep.1 patch | (download)

doc/pcregrep.1 | 4 4 + 0 - 0 !
1 file changed, 4 insertions(+)

 mention zpcregrep wrapper script in pcregrep man page.


soname.patch | (download)

configure.ac | 8 4 + 4 - 0 !
1 file changed, 4 insertions(+), 4 deletions(-)

 change soname to what debian use

no_jit_ppc64el.patch | (download)

sljit/sljitConfigInternal.h | 6 5 + 1 - 0 !
1 file changed, 5 insertions(+), 1 deletion(-)

 disable jit on ppc64el, needs explicit porting to elfv2.
Fix silly quantifier size check.patch | (download)

pcre_compile.c | 35 16 + 19 - 0 !
testdata/testoutput2 | 6 3 + 3 - 0 !
2 files changed, 19 insertions(+), 22 deletions(-)

 fix silly quantifier size check

The tests for quantifiers being too big (greater than 65535) were being
applied after reading the number, and stupidly assuming that integer
overflow would give a negative number. The tests are now applied as the
numbers are read.

Bug: http://bugs.exim.org/show_bug.cgi?id=1463
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751828
cve 2014 8964.patch | (download)

pcre_exec.c | 5 4 + 1 - 0 !
1 file changed, 4 insertions(+), 1 deletion(-)

 cve-2014-8964, heap buffer overflow
 Heap buffer overflow if an assertion with a zero minimum repeat is used as
 the condition in a conditional group.
CVE 2015 2325_CVE 2015 2326_CVE 2015 3210_CVE 2015 5073.patch | (download)

pcre_compile.c | 80 49 + 31 - 0 !
testdata/testinput11 | 4 4 + 0 - 0 !
testdata/testinput2 | 10 10 + 0 - 0 !
testdata/testoutput11-16 | 39 39 + 0 - 0 !
testdata/testoutput11-32 | 39 39 + 0 - 0 !
testdata/testoutput11-8 | 39 39 + 0 - 0 !
testdata/testoutput2 | 46 46 + 0 - 0 !
7 files changed, 226 insertions(+), 31 deletions(-)

---
0001 Fix compile time loop for recursive reference within.patch | (download)

pcre_compile.c | 21 9 + 12 - 0 !
testdata/testinput1 | 6 6 + 0 - 0 !
testdata/testoutput1 | 10 10 + 0 - 0 !
3 files changed, 25 insertions(+), 12 deletions(-)

 fix compile-time loop for recursive reference within a group
 with an indefinite repeat.
 .
 Addresses CVE-2015-2328.
794589 information disclosure.patch | (download)

pcre_exec.c | 13 12 + 1 - 0 !
1 file changed, 12 insertions(+), 1 deletion(-)

 cve-2015-8382: pcre_exec does not fill offsets for certain regexps
0001 Fix buffer overflow for repeated conditional when re.patch | (download)

pcre_compile.c | 2 1 + 1 - 0 !
testdata/testinput2 | 6 6 + 0 - 0 !
testdata/testoutput2 | 6 6 + 0 - 0 !
3 files changed, 13 insertions(+), 1 deletion(-)

 fix buffer overflow for repeated conditional when referencing
 a duplicate name.
 .
 Addresses CVE-2015-8383.
0001 Fix named forward reference to duplicate group numbe.patch | (download)

pcre_compile.c | 8 8 + 0 - 0 !
testdata/testinput1 | 3 3 + 0 - 0 !
testdata/testoutput1 | 5 5 + 0 - 0 !
3 files changed, 16 insertions(+)

 fix named forward reference to duplicate group number
 overflow bug.
 .
 Addresses CVE-2015-8385.
0001 Fix buffer overflow for lookbehind within mutually r.patch | (download)

pcre_compile.c | 2 1 + 1 - 0 !
testdata/testinput2 | 3 3 + 0 - 0 !
testdata/testoutput2 | 3 3 + 0 - 0 !
3 files changed, 7 insertions(+), 1 deletion(-)

 fix buffer overflow for lookbehind within mutually recursive
 subroutines.
 .
 Addresses CVE-2015-8386.
0001 Add integer overflow check to n code.patch | (download)

pcre_compile.c | 8 8 + 0 - 0 !
testdata/testinput2 | 2 2 + 0 - 0 !
testdata/testoutput2 | 3 3 + 0 - 0 !
3 files changed, 13 insertions(+)

 add integer overflow check to (?n) code.
 .
 Addresses CVE-2015-8387.
0001 Fix overflow when ovector has size 1.patch | (download)

pcre_exec.c | 3 2 + 1 - 0 !
testdata/testinput2 | 3 3 + 0 - 0 !
testdata/testoutput2 | 4 4 + 0 - 0 !
3 files changed, 9 insertions(+), 1 deletion(-)

 fix overflow when ovector has size 1.
 .
 Addresses CVE-2015-8380.
0001 Fix infinite recursion in the JIT compiler when cert.patch | (download)

pcre_jit_compile.c | 15 11 + 4 - 0 !
testdata/testinput12 | 2 2 + 0 - 0 !
testdata/testoutput12 | 2 2 + 0 - 0 !
3 files changed, 15 insertions(+), 4 deletions(-)

 fix infinite recursion in the jit compiler when certain
 patterns when certain patterns are analysed.
 .
 Addresses CVE-2015-8389.
0001 Fix bug for classes containing sequences.patch | (download)

pcre_compile.c | 14 8 + 6 - 0 !
testdata/testinput2 | 2 2 + 0 - 0 !
testdata/testoutput2 | 2 2 + 0 - 0 !
3 files changed, 12 insertions(+), 6 deletions(-)

 fix bug for classes containing \\ sequences.
 .
 Addresses CVE-2015-8390.
0001 Fix run for ever bug for deeply nested sequences.patch | (download)

pcre_compile.c | 17 5 + 12 - 0 !
testdata/testinput2 | 2 2 + 0 - 0 !
testdata/testoutput2 | 3 3 + 0 - 0 !
3 files changed, 10 insertions(+), 12 deletions(-)

 fix "run for ever" bug for deeply nested [: sequences.
 .
 Addresses CVE-2015-8391.
0001 Fix buffer overflow for named references in situatio.patch | (download)

pcre_compile.c | 72 43 + 29 - 0 !
pcre_internal.h | 1 1 + 0 - 0 !
testdata/testinput2 | 2 2 + 0 - 0 !
testdata/testoutput11-8 | 2 1 + 1 - 0 !
testdata/testoutput2 | 2 2 + 0 - 0 !
5 files changed, 49 insertions(+), 30 deletions(-)

 fix buffer overflow for named references in (?| situations.
 .
 Addresses CVE-2015-8392.
0001 Make pcregrep q override l and c for compatibility w.patch | (download)

RunGrepTest | 8 8 + 0 - 0 !
pcregrep.c | 12 6 + 6 - 0 !
testdata/grepoutput | 4 4 + 0 - 0 !
3 files changed, 18 insertions(+), 6 deletions(-)

 make pcregrep -q override -l and -c for compatibility with other greps.
 .
 Addresses CVE-2015-8393.
0001 Add missing integer overflow checks.patch | (download)

pcre_compile.c | 11 11 + 0 - 0 !
testdata/testinput2 | 4 4 + 0 - 0 !
testdata/testoutput2 | 6 6 + 0 - 0 !
3 files changed, 21 insertions(+)

 add missing integer overflow checks.
 .
 Addresses CVE-2015-8394.
0001 Hack in yet other patch for a bug in size computatio.patch | (download)

pcre_compile.c | 5 2 + 3 - 0 !
testdata/testinput2 | 2 2 + 0 - 0 !
testdata/testoutput2 | 2 2 + 0 - 0 !
3 files changed, 6 insertions(+), 3 deletions(-)

 hack in yet other patch for a bug in size computation that is 
 fixed "properly" in PCRE2.
 .
 Addresses CVE-2015-8395 and CVE-2015-8381.
0001 Give error for x and o.patch | (download)

pcre_compile.c | 7 7 + 0 - 0 !
pcre_internal.h | 2 1 + 1 - 0 !
pcreposix.c | 3 2 + 1 - 0 !
testdata/testinput2 | 12 12 + 0 - 0 !
testdata/testoutput2 | 17 17 + 0 - 0 !
5 files changed, 39 insertions(+), 2 deletions(-)

 give error for \x{} and \o{}.
0001 Fix workspace overflow for ACCEPT with deeply nested.patch | (download)

pcre_compile.c | 23 19 + 4 - 0 !
pcre_internal.h | 2 1 + 1 - 0 !
pcreposix.c | 3 2 + 1 - 0 !
testdata/testinput11 | 2 2 + 0 - 0 !
testdata/testoutput11-16 | 3 3 + 0 - 0 !
testdata/testoutput11-32 | 3 3 + 0 - 0 !
testdata/testoutput11-8 | 3 3 + 0 - 0 !
7 files changed, 33 insertions(+), 6 deletions(-)

 fix workspace overflow for (*accept) with deeply nested parentheses
 Addresses CVE-2016-3191
0001 Yet another duplicate name bugfix by overestimating .patch | (download)

pcre_compile.c | 7 6 + 1 - 0 !
testdata/testinput2 | 2 2 + 0 - 0 !
testdata/testoutput2 | 2 2 + 0 - 0 !
3 files changed, 10 insertions(+), 1 deletion(-)

 cve-2016-1283: heap buffer overflow in handling of duplicate named groups
0001 Fixed an issue with nested table jumps.patch | (download)

pcre_jit_compile.c | 18 10 + 8 - 0 !
testdata/testinput1 | 3 3 + 0 - 0 !
testdata/testoutput1 | 4 4 + 0 - 0 !
3 files changed, 17 insertions(+), 8 deletions(-)

 fixed an issue with nested table jumps