SOURCES: pcre-buffer-overflow.patch (NEW) - fix for CVE-2008-2371

megabajt megabajt at pld-linux.org
Sun Jul 6 00:33:31 CEST 2008


Author: megabajt                     Date: Sat Jul  5 22:33:31 2008 GMT
Module: SOURCES                       Tag: HEAD
---- Log message:
- fix for CVE-2008-2371

---- Files affected:
SOURCES:
   pcre-buffer-overflow.patch (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: SOURCES/pcre-buffer-overflow.patch
diff -u /dev/null SOURCES/pcre-buffer-overflow.patch:1.1
--- /dev/null	Sun Jul  6 00:33:31 2008
+++ SOURCES/pcre-buffer-overflow.patch	Sun Jul  6 00:33:25 2008
@@ -0,0 +1,16 @@
+diff -NrU5 pcre-7.7.orig/pcre_compile.c pcre-7.7/pcre_compile.c
+--- pcre-7.7.orig/pcre_compile.c	2008-06-18 17:08:49.000000000 +0200
++++ pcre-7.7/pcre_compile.c	2008-06-18 17:11:04.000000000 +0200
+@@ -4929,11 +4929,11 @@
+           {
+           if (code == cd->start_code + 1 + LINK_SIZE &&
+                (lengthptr == NULL || *lengthptr == 2 + 2*LINK_SIZE))
+             {
+             cd->external_options = newoptions;
+-            options = newoptions;
++            options = *optionsptr = newoptions;
+             }
+          else
+             {
+             if ((options & PCRE_IMS) != (newoptions & PCRE_IMS))
+               {
================================================================


More information about the pld-cvs-commit mailing list