-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : pcre3 Version : 8.02-1.1+deb6u1 Debian Bug : 815921
HP's Zero Day Initiative has identified a vulnerability affecting the pcre3 package. It was assigned ZDI id ZDI-CAN-3542. A CVE identifier has not been assigned yet. PCRE Regular Expression Compilation Stack Buffer Overflow Remote Code Execution Vulnerability. PCRE did not validate that handling the (*ACCEPT) verb will occur within the bounds of the cworkspace stack buffer, leading to a stack buffer overflow. For Debian 6 "Squeeze", these problems have been fixed in version 8.02-1.1+deb6u1. We recommend that you upgrade your pcre3 packages. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJ8BAEBCgBmBQJW1EoTXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkyIIQALXVcVfIppUJJk/maYTs2/i4 yS0KfnhHnaXXaE1Bfmk4bgQvLKehBgE2WGCQUz2WzCWS8P69HKJviPDlS8VnwZxg 7B9l5FUfX8G+eiQcrQWBv+cF5eKijFphqdm69i2aENEC4R1+PQeYOuuOBR0h8ysQ ZdCuRmEPeIfCD0D18OjJ+oF0yJbtcS6pVGto+272P1rsZhY7TZJo2hcgfPxYjTNC u02sOkd6rXoiANFKkBmJ71qQCt1ftwgWJ4PyPUZVaHmdpyLADDM5KLn2EASaEte9 1LZgIMUfDILdh/L4SU+S7C+Pp93Xl0A6F6jmbOTTBDwYZcH3ht/2Ff1eb27XSu3t VOHmCYswQSTGAjP4LiOKe3XGbof7LfdWBehdL1O1642SQtGl0YtjhKAizR0NBIOw gXi0L3NzTC0rLEd78X2SfHV57HHeqUF/BnFXNJe6ELG+xn08c7BmaYpaAE0hGYYK jdxpnPrh5RR/dKBAyZV8wGfwAZ6ArahQkWvUm65FaNeK1AQnm6ZmoeQf/cP8XV/t LNO8RPDaQB/1kT8Rmba+U0S/kupWP/iIBt3RuJG6vV5zDJQc1v0lKCSIp0APPAY3 Ih4RZJJy/rWSdoMwDnrYNISSokJXCa+7VODJJbhfhr12PHePCX8iDuhI5g0RHhgT wbiG+gwbVoNnmBNHhcH6 =UNG2 -----END PGP SIGNATURE-----