CVE-2008-2371 (outer level option with alternatives caused crash)
Bug #535090 reported by
Michael Santos
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
erlang (Ubuntu) |
Fix Released
|
Low
|
Jamie Strandboge | ||
Intrepid |
Fix Released
|
Low
|
Unassigned | ||
Jaunty |
Fix Released
|
Low
|
Unassigned | ||
Karmic |
Fix Released
|
Low
|
Jamie Strandboge | ||
Lucid |
Fix Released
|
Low
|
Jamie Strandboge |
Bug Description
Binary package hint: erlang
erlang uses it's own version of PCRE for the re module in the R13 series. This version is derived from PCRE 7.6 and has the bug described in CVE-2008-2371. It can be triggered by compiling a regexp:
re:compile(
This commit resolves the bug:
http://
Only the patch to erts/emulator/
Related branches
lp:~rdoering/ubuntu/lucid/erlang/fix-535090
- Ubuntu branches: Pending requested
-
Diff: 97 lines (+77/-0)3 files modifieddebian/changelog (+7/-0)
debian/patches/pcre-crash.patch (+68/-0)
debian/patches/series (+2/-0)
lp:~rdoering/ubuntu/karmic/erlang/fix-535090
- Steve Beattie (community): Approve
- James Westby (community): Abstain
-
Diff: 102 lines (+82/-0)3 files modifieddebian/changelog (+13/-0)
debian/patches/pcre-crash.patch (+68/-0)
debian/patches/series (+1/-0)
lp:~rdoering/ubuntu/jaunty/erlang/fix-535090
- Ubuntu branches: Pending requested
-
Diff: 102 lines (+82/-0)3 files modifieddebian/changelog (+13/-0)
debian/patches/pcre-crash.patch (+68/-0)
debian/patches/series (+1/-0)
lp:~rdoering/ubuntu/intrepid/erlang/fix-535090
- Ubuntu branches: Pending requested
-
Diff: 102 lines (+82/-0)3 files modifieddebian/changelog (+13/-0)
debian/patches/pcre-crash.patch (+68/-0)
debian/patches/series (+1/-0)
CVE References
Changed in erlang (Ubuntu): | |
status: | New → Confirmed |
importance: | Undecided → Low |
visibility: | private → public |
Changed in erlang (Ubuntu Intrepid): | |
status: | New → In Progress |
Changed in erlang (Ubuntu Jaunty): | |
status: | New → In Progress |
Changed in erlang (Ubuntu Lucid): | |
status: | Confirmed → Triaged |
Changed in erlang (Ubuntu Karmic): | |
status: | New → Triaged |
Changed in erlang (Ubuntu Intrepid): | |
status: | Fix Released → Fix Committed |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
See:
http:// www.erlang. org/cgi- bin/ezmlm- cgi/3/806