Source: pcre3 Version: 2:8.35-8 Severity: normal Tags: security upstream patch fixed-upstream Forwarded: https://bugs.exim.org/show_bug.cgi?id=1637
Hi (This is to have a BTS reference for this bug, since no CVE id was assigned so far; I know there is work on pcre2 now). Hanno Böck reported a heap overflow in the pcre_exec function, cf. https://bugs.exim.org/show_bug.cgi?id=1637 Fixed by commit http://vcs.pcre.org/pcre?view=revision&revision=1565 (8.38). https://blog.fuzzing-project.org/29-Heap-Overflow-in-PCRE.html Regards, Salvatore
