lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <4737da0c.sYKIvOrwIHypIuEZ%foresight-security-noreply@foresightlinux.org>
Date: Sun, 11 Nov 2007 19:43:56 -0900
From: Foresight Linux Essential Announcement Service <foresight-security-noreply@...esightlinux.org>
To: foresight-security-announce@...ts.rpath.org
Cc: security-alerts@...uxsecurity.com,
	full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com,
	lwn@....net
Subject: FLEA-2007-0064-1 pcre

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Foresight Linux Essential Advisory: 2007-0064-1
Published: 2007-11-11

Rating: Moderate

Updated Versions:
    pcre=conary.rpath.com at rpl:1/7.4-0.2-1
    group-dist=/foresight.rpath.org@fl:1-devel//1/1.4.1-0.2-3

References:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1659
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1660
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1661
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1662
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4766
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4767
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4768

Description:
    Previous versions of the pcre package contain multiple vulnerabilities
    which may allow an attacker to execute arbitrary code.
    
    The pcre library and utilities are not known to be exposed via any
    privileged or remote interfaces within Foresight Linux by default, but many
    applications linked to the pcre library are routinely exposed to untrusted
    data.

- ---

Copyright 2007 Foresight Linux Project
This file is distributed under the terms of the MIT License.
A copy is available at http://www.foresightlinux.org/permanent/mit-license.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.7 (GNU/Linux)

iQIVAwUBRzfaAtfwEn07iAtZAQL4mQ//bynB+4Aj7mzUQGP57+uL1Lz2vRnzDneF
DX60BQ1yAlFAxkXVJWDw2xiOVvqzN5urnXsKhmUej6+TPHmNnYOXKsJ5s6Aq2z2r
zKaSOlQEAwNMQZ9LxkRoAOe4im7paLpkSlOIFDy3XG33R9zfDAT+ifsmWETCmzue
MD0WuXgC5h3/TipNnxtyAm/q8ImLKV2Xng/GEAPSTzcAcqojUXyKgSyTr14dQ66/
yIE2q4NcAVyJ/H6LQQmmqcAtXxBvLw55jMtiSOXdjEHpkwM/6+d2YAPAwaDBowfr
tD90tVi7h+pX8Zph7mG0QFSW3qfNSDhDZEvxq7LMTwnMQ/cID6E5O+ZTw3cdkp2R
b97iPJGZcodI6RoO+XHCWqaSrtFuMeuTL4sKoYsYY7iCc0ebht/67aTaOKK0yrrw
e2locTPIOIZ2u9yqfjZPH5Vwf+zoDuyVWBPHWx1i3MC0O/Zu1//dgqqZDY/eGFBe
db3EHUqr1qJsCjZPG136jhtCuJMflAJM2cGdDDcy5ojVNPy/Vt019PAVRYOjnVpU
kM0/qKkZzg0c4Yx1UM63fA1JfXRlOiZ9UY0zaOU8F+a5d7A+s8V5HcfrFt2WbLNg
1uRlVmkWj7vMU4JJzl3EUqtPwUq8zWaj34id+w3SobKbIopCc98ZDOgUuCNLGvSe
Kpr7fv9nBtc=
=RTMx
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ