-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : libonig Version : 5.9.5-3.2+deb8u3 CVE ID : CVE-2019-16163 Debian Bug : 939988
The Oniguruma regular expressions library, notably used in PHP mbstring, is vulnerable to stack exhaustion. A crafted regular expression can crash the process. For Debian 8 "Jessie", this problem has been fixed in version 5.9.5-3.2+deb8u3. We recommend that you upgrade your libonig packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEQic8GuN/xDR88HkSj/HLbo2JBZ8FAl16EwoACgkQj/HLbo2J BZ+eJgf+OU8NBd0fwtVEmF2UgU66npBCYlsoO62ZVFXg3NuDo37+c5VKaw8JLxA5 q4/TageYMoBPDOAxb3aMaizPPW3Tcon4eFHaZ1rV6l/4rWTB7jp8ru+BwsdObIoz TIq4zGXlsYmMTC3S+u8UH1rsYkAANB5q5+Vy85BKuG8HOyxwassxgjmgW1quGfJ/ u8XB6unxSp/SzqZxH5+UFBu2dssP4o1GyNAZjcpf9naTiriyMk/AO1RU+tucRHMo 6USE5gNzFhoCiSQZRzjff2cYqd/88w/AsKq8G2gV1rAs1A0qcXSemFxA9iwD9q4A 39zRUUYSqosIBnv5aeOykQ2YQBVvnA== =oiDK -----END PGP SIGNATURE-----