Stefan Fritsch wrote on 23/08/2005 23:15:
>>Patch extracted from difference between upstream versions 6.0 and
>>6.1, modified to patch version 4.5. Patch is attached.
>
> While the issue corresponding to your patch should be fixed as well,
> this is not the patch for CAN-2005-2491. The securitytracker page
> states that 6.1 and prior versions are vulnerable. One needs to look
> at the differences between 6.1 and 6.2. The relevant changes are a
> bit larger.
You are right. I was confused because the pcre homepage still says 6.1
is the latest version. Working on the real fix now.
Message-ID: <email address hidden>
Date: Wed, 24 Aug 2005 14:52:41 +0200
From: Sven Mueller <email address hidden>
To: Stefan Fritsch <email address hidden>, <email address hidden>
Subject: Re: Bug#324531: pcre3: CAN-2005-2491
------- ------- enig487232E5E8B E0C5EA4533572 Transfer- Encoding: 7bit
Content-Type: text/plain; charset=ISO-8859-1
Content-
Stefan Fritsch wrote on 23/08/2005 23:15:
>>Patch extracted from difference between upstream versions 6.0 and
>>6.1, modified to patch version 4.5. Patch is attached.
>
> While the issue corresponding to your patch should be fixed as well,
> this is not the patch for CAN-2005-2491. The securitytracker page
> states that 6.1 and prior versions are vulnerable. One needs to look
> at the differences between 6.1 and 6.2. The relevant changes are a
> bit larger.
You are right. I was confused because the pcre homepage still says 6.1
is the latest version. Working on the real fix now.
cu,
sven
------- ------- enig487232E5E8B E0C5EA4533572 pgp-signature; name="signature .asc" Description: OpenPGP digital signature Disposition: attachment; filename= "signature. asc"
Content-Type: application/
Content-
Content-
-----BEGIN PGP SIGNATURE-----
5RBTUBgsRAi3WAJ 0d01OjHl042Uzf3 o314bbhscOndgCg q0Yn AU/0hXYo=
Version: GnuPG v1.4.0 (Cygwin)
iD8DBQFDDG2dDcs
DcHJfPZhrJmMCRO
=GMZJ
-----END PGP SIGNATURE-----
------- ------- enig487232E5E8B E0C5EA4533572- -