* Hilko Bengen: > the original report may not have been 100% clear on this, but the bug is > the main cause of a vulnerability in Suricata (a network IDS/IPS) that > allows for remote denial of service, possibly remote code execution by > simply passing crafted packets by a Suricata installation.
Without the complete test case, that's hard to tell. If we cannot reproduce this, perhaps Suricata (at least in stable) should not explicitly enable the PCRE JIT compiler? I'm not sure if we can keep rebasing PCRE just to fix JIT compiler issues.
