Processed: Re: Bug#796281: jessie-pu: package pcre3/2:8.35-3.3+deb8u1
Processing control commands:

> tags -1 + pending
Bug #796281 [release.debian.org] jessie-pu: package pcre3/2:8.35-3.3+deb8u1
Added tag(s) pending.

--
796281: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796281
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Bug#796281: jessie-pu: package pcre3/2:8.35-3.3+deb8u1
Control: tags -1 + pending

On Tue, 2015-09-15 at 23:56 +0200, Moritz Mühlenhoff wrote:
> On Tue, Sep 15, 2015 at 09:16:48PM +0100, Adam D. Barratt wrote:
> > Control: tags -1 -moreinfo +confirmed
> > 
> > On Fri, 2015-09-11 at 20:24 +0200, Moritz Mühlenhoff wrote:
> > > On Fri, Aug 21, 2015 at 03:59:15PM +0100, Adam D. Barratt wrote:
> > > > Control: tags -1 + moreinfo
> > > > 
> > > > On Fri, 2015-08-21 at 01:35 +0200, Moritz Muehlenhoff wrote:
> > > > > This update fixes four minor security issues which don't warrant
> > > > > a DSA. These have been tested in a production setup and were
> > > > > working fine there.
> > > > [...]
> > > > > + * CVE-2015-2325 CVE-2015-2326 CVE-2015-3210 CVE-2015-5073
> > > > 
> > > > The BTS and Security Tracker indicate that the first three of those
> > > > aren't fixed in unstable yet; is that correct?
> > > 
> > > Now fixed in unstable in 2:8.35-7.2.
> > 
> > Thanks; please feel free to upload.
> 
> Done.

Flagged for acceptance.

Regards,

Adam
Bug#796281: jessie-pu: package pcre3/2:8.35-3.3+deb8u1
On Tue, Sep 15, 2015 at 09:16:48PM +0100, Adam D. Barratt wrote:
> Control: tags -1 -moreinfo +confirmed
> 
> On Fri, 2015-09-11 at 20:24 +0200, Moritz Mühlenhoff wrote:
> > On Fri, Aug 21, 2015 at 03:59:15PM +0100, Adam D. Barratt wrote:
> > > Control: tags -1 + moreinfo
> > > 
> > > On Fri, 2015-08-21 at 01:35 +0200, Moritz Muehlenhoff wrote:
> > > > This update fixes four minor security issues which don't warrant
> > > > a DSA. These have been tested in a production setup and were
> > > > working fine there.
> > > [...]
> > > > + * CVE-2015-2325 CVE-2015-2326 CVE-2015-3210 CVE-2015-5073
> > > 
> > > The BTS and Security Tracker indicate that the first three of those
> > > aren't fixed in unstable yet; is that correct?
> > 
> > Now fixed in unstable in 2:8.35-7.2.
> 
> Thanks; please feel free to upload.

Done.

Cheers,
Moritz
Processed: Re: Bug#796281: jessie-pu: package pcre3/2:8.35-3.3+deb8u1
Processing control commands:

> tags -1 -moreinfo +confirmed
Bug #796281 [release.debian.org] jessie-pu: package pcre3/2:8.35-3.3+deb8u1
Ignoring request to alter tags of bug #796281 to the same tags previously set
Bug #796281 [release.debian.org] jessie-pu: package pcre3/2:8.35-3.3+deb8u1
Added tag(s) confirmed.

--
796281: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796281
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Bug#796281: jessie-pu: package pcre3/2:8.35-3.3+deb8u1
Control: tags -1 -moreinfo +confirmed

On Fri, 2015-09-11 at 20:24 +0200, Moritz Mühlenhoff wrote:
> On Fri, Aug 21, 2015 at 03:59:15PM +0100, Adam D. Barratt wrote:
> > Control: tags -1 + moreinfo
> > 
> > On Fri, 2015-08-21 at 01:35 +0200, Moritz Muehlenhoff wrote:
> > > This update fixes four minor security issues which don't warrant
> > > a DSA. These have been tested in a production setup and were
> > > working fine there.
> > [...]
> > > + * CVE-2015-2325 CVE-2015-2326 CVE-2015-3210 CVE-2015-5073
> > 
> > The BTS and Security Tracker indicate that the first three of those
> > aren't fixed in unstable yet; is that correct?
> 
> Now fixed in unstable in 2:8.35-7.2.

Thanks; please feel free to upload.

Regards,

Adam
Bug#796281: jessie-pu: package pcre3/2:8.35-3.3+deb8u1
On Fri, Aug 21, 2015 at 03:59:15PM +0100, Adam D. Barratt wrote:
> Control: tags -1 + moreinfo
> 
> On Fri, 2015-08-21 at 01:35 +0200, Moritz Muehlenhoff wrote:
> > This update fixes four minor security issues which don't warrant
> > a DSA. These have been tested in a production setup and were
> > working fine there.
> [...]
> > + * CVE-2015-2325 CVE-2015-2326 CVE-2015-3210 CVE-2015-5073
> 
> The BTS and Security Tracker indicate that the first three of those
> aren't fixed in unstable yet; is that correct?

Now fixed in unstable in 2:8.35-7.2.

Cheers,
Moritz
Bug#796281: jessie-pu: package pcre3/2:8.35-3.3+deb8u1
On Fri, Aug 28, 2015 at 07:19:28 +0200, Moritz Mühlenhoff wrote:
> On Fri, Aug 21, 2015 at 03:59:15PM +0100, Adam D. Barratt wrote:
> > Control: tags -1 + moreinfo
> > 
> > On Fri, 2015-08-21 at 01:35 +0200, Moritz Muehlenhoff wrote:
> > > This update fixes four minor security issues which don't warrant
> > > a DSA. These have been tested in a production setup and were
> > > working fine there.
> > [...]
> > > + * CVE-2015-2325 CVE-2015-2326 CVE-2015-3210 CVE-2015-5073
> > 
> > The BTS and Security Tracker indicate that the first three of those
> > aren't fixed in unstable yet; is that correct?
> 
> No, but these are backports from current upstream and I suppose Matthew
> will simply move to a new upstream version at some point.

We don't like to include fixes in jessie that aren't in sid/stretch.
Please ping again when that's done.

Thanks,
Julien
Bug#796281: jessie-pu: package pcre3/2:8.35-3.3+deb8u1
On Fri, Aug 21, 2015 at 03:59:15PM +0100, Adam D. Barratt wrote:
> Control: tags -1 + moreinfo
> 
> On Fri, 2015-08-21 at 01:35 +0200, Moritz Muehlenhoff wrote:
> > This update fixes four minor security issues which don't warrant
> > a DSA. These have been tested in a production setup and were
> > working fine there.
> [...]
> > + * CVE-2015-2325 CVE-2015-2326 CVE-2015-3210 CVE-2015-5073
> 
> The BTS and Security Tracker indicate that the first three of those
> aren't fixed in unstable yet; is that correct?

No, but these are backports from current upstream and I suppose Matthew
will simply move to a new upstream version at some point.

Cheers,
Moritz
Processed: Re: Bug#796281: jessie-pu: package pcre3/2:8.35-3.3+deb8u1
Processing control commands:

tags -1 + moreinfo
Bug #796281 [release.debian.org] jessie-pu: package pcre3/2:8.35-3.3+deb8u1
Added tag(s) moreinfo.

--
796281: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796281
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Bug#796281: jessie-pu: package pcre3/2:8.35-3.3+deb8u1
Control: tags -1 + moreinfo

On Fri, 2015-08-21 at 01:35 +0200, Moritz Muehlenhoff wrote:
> This update fixes four minor security issues which don't warrant
> a DSA. These have been tested in a production setup and were
> working fine there.
[...]
> + * CVE-2015-2325 CVE-2015-2326 CVE-2015-3210 CVE-2015-5073

The BTS and Security Tracker indicate that the first three of those
aren't fixed in unstable yet; is that correct?

Regards,

Adam
Bug#796281: jessie-pu: package pcre3/2:8.35-3.3+deb8u1
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu

This update fixes four minor security issues which don't warrant
a DSA. These have been tested in a production setup and were
working fine there. Debdiff below.

Cheers,
Moritz

diff -Nru pcre3-8.35/debian/changelog pcre3-8.35/debian/changelog --- pcre3-8.35/debian/changelog 2014-12-06 19:58:27.0 +0100 +++ pcre3-8.35/debian/changelog 2015-08-16 13:38:23.0 +0200 @@ -1,3 +1,9 @@ +pcre3 (2:8.35-3.3+deb8u1) jessie; urgency=medium + + * CVE-2015-2325 CVE-2015-2326 CVE-2015-3210 CVE-2015-5073 + + -- Moritz Muehlenhoff j...@debian.org Sun, 16 Aug 2015 11:37:39 + + pcre3 (2:8.35-3.3) unstable; urgency=medium * Non-maintainer upload. diff -Nru pcre3-8.35/debian/patches/CVE-2015-2325_CVE-2015-2326_CVE-2015-3210_CVE-2015-5073.patch pcre3-8.35/debian/patches/CVE-2015-2325_CVE-2015-2326_CVE-2015-3210_CVE-2015-5073.patch --- pcre3-8.35/debian/patches/CVE-2015-2325_CVE-2015-2326_CVE-2015-3210_CVE-2015-5073.patch 1970-01-01 01:00:00.0 +0100 +++ pcre3-8.35/debian/patches/CVE-2015-2325_CVE-2015-2326_CVE-2015-3210_CVE-2015-5073.patch 2015-08-16 13:36:47.0 +0200 
@@ -0,0 +1,492 @@ +https://security-tracker.debian.org/tracker/CVE-2015-5073 +https://security-tracker.debian.org/tracker/CVE-2015-3210 +https://security-tracker.debian.org/tracker/CVE-2015-2326 +https://security-tracker.debian.org/tracker/CVE-2015-2325 + +--- pcre3-8.35.orig/pcre_compile.c pcre3-8.35/pcre_compile.c +@@ -549,6 +549,7 @@ static const char error_texts[] = + group name must start with a non-digit\0 + /* 85 */ + parentheses are too deeply nested (stack check)\0 ++ digits missing in \\x{} or \\o{}\0 + ; + + /* Table to identify digits and hex digits. This is used when compiling +@@ -3936,14 +3937,14 @@ Arguments: + adjust the amount by which the group is to be moved + utfTRUE in UTF-8 / UTF-16 / UTF-32 mode + cd contains pointers to tables etc. +- save_hwm the hwm forward reference pointer at the start of the group ++ save_hwm_offset the hwm forward reference offset at the start of the group + + Returns: nothing + */ + + static void + adjust_recurse(pcre_uchar *group, int adjust, BOOL utf, compile_data *cd, +- pcre_uchar *save_hwm) ++ size_t save_hwm_offset) + { + pcre_uchar *ptr = group; + +@@ -3955,7 +3956,8 @@ while ((ptr = (pcre_uchar *)find_recurse + /* See if this recursion is on the forward reference list. If so, adjust the + reference. 
*/ + +- for (hc = save_hwm; hc cd-hwm; hc += LINK_SIZE) ++ for (hc = (pcre_uchar *)cd-start_workspace + save_hwm_offset; hc cd-hwm; ++ hc += LINK_SIZE) + { + offset = (int)GET(hc, 0); + if (cd-start_code + offset == ptr + 1) +@@ -4400,7 +4402,7 @@ const pcre_uchar *tempptr; + const pcre_uchar *nestptr = NULL; + pcre_uchar *previous = NULL; + pcre_uchar *previous_callout = NULL; +-pcre_uchar *save_hwm = NULL; ++size_t save_hwm_offset = 0; + pcre_uint8 classbits[32]; + + /* We can fish out the UTF-8 setting once and for all into a BOOL, but we +@@ -5912,7 +5914,7 @@ for (;; ptr++) + if (repeat_max = 1)/* Covers 0, 1, and unlimited */ + { + *code = OP_END; +- adjust_recurse(previous, 1, utf, cd, save_hwm); ++ adjust_recurse(previous, 1, utf, cd, save_hwm_offset); + memmove(previous + 1, previous, IN_UCHARS(len)); + code++; + if (repeat_max == 0) +@@ -5936,7 +5938,7 @@ for (;; ptr++) + { + int offset; + *code = OP_END; +- adjust_recurse(previous, 2 + LINK_SIZE, utf, cd, save_hwm); ++ adjust_recurse(previous, 2 + LINK_SIZE, utf, cd, save_hwm_offset); + memmove(previous + 2 + LINK_SIZE, previous, IN_UCHARS(len)); + code += 2 + LINK_SIZE; + *previous++ = OP_BRAZERO + repeat_type; +@@ -5999,26 +6001,25 @@ for (;; ptr++) + for (i = 1; i repeat_min; i++) + { + pcre_uchar *hc; +- pcre_uchar *this_hwm = cd-hwm; ++ size_t this_hwm_offset = cd-hwm - cd-start_workspace; + memcpy(code, previous, IN_UCHARS(len)); + + while (cd-hwm cd-start_workspace + cd-workspace_size - +- WORK_SIZE_SAFETY_MARGIN - (this_hwm - save_hwm)) ++ WORK_SIZE_SAFETY_MARGIN - ++ (this_hwm_offset - save_hwm_offset)) + { +-int save_offset = save_hwm - cd-start_workspace; +-int this_offset = this_hwm - cd-start_workspace; + *errorcodeptr = expand_workspace(cd); + if (*errorcodeptr != 0) goto FAILED; +-save_hwm = (pcre_uchar *)cd-start_workspace + save_offset; +-this_hwm = (pcre_uchar *)cd-start_workspace + this_offset; + } + +- for (hc = save_hwm;
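Review bot: the debian/changelog hunk (`@@ -1,3 +1,9 @@`) records only the four CVE ids, with no description of what each one fixes or where the fixes come from; for a stable update that reviewers check against the security tracker, a one-line summary per id (issue class and affected file, here pcre_compile.c) and a note that these are backports of upstream fixes would make the entry self-explanatory and would have pre-empted the "are these in unstable yet?" question raised later in this thread.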
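Review bot: in the `@@ -549,6 +549,7 @@` region of the nested pcre_compile.c patch, the new text `digits missing in \\x{} or \\o{}\0` appended after `/* 85 */` in `error_texts` is only reachable if the matching error code (the value following 85 in the compile-error enumeration) is added in the same patch and used by the code that reports the condition; that enumeration change is not in the portion of the patch visible here, so confirm it is present further down, otherwise the message is dead text and any later additions to the table shift by one.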
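Review bot: the `adjust_recurse` change (`@@ -3936,14 +3937,14 @@` and `@@ -3955,7 +3956,8 @@`) replaces the saved `pcre_uchar *save_hwm` with a `size_t save_hwm_offset` and rebases `hc` from `cd->start_workspace` on every call; that is the right shape for this fix, since `expand_workspace(cd)` can move the workspace and leave any raw pointer into it dangling. The declaration at `@@ -4400,7 +4402,7 @@` and the two calls at `@@ -5912,7 +5914,7 @@` and `@@ -5936,7 +5938,7 @@` are updated consistently; a reviewer should grep the rest of compile_branch for any remaining use of `save_hwm` or any other pointer into the workspace that is held across a call that may expand it, because one missed site reintroduces the bug.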
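Review bot: in the `@@ -5999,26 +6001,25 @@` hunk, dropping the `save_offset`/`this_offset` re-basing after `expand_workspace(cd)` is correct only if nothing below still reads the old pointers; the trailing context line `for (hc = save_hwm;` where the page cuts off is exactly such a read, and `save_hwm` no longer exists in this function after the `@@ -4400,7 +4402,7 @@` change, so the continuation of this hunk must rewrite it as `hc = (pcre_uchar *)cd->start_workspace + save_hwm_offset` as was done in `adjust_recurse`. Also note that the `while` guard now subtracts `this_hwm_offset - save_hwm_offset` in unsigned `size_t` arithmetic, which relies on `this_hwm_offset >= save_hwm_offset` (the high-water mark only grows within the group); a short comment stating that invariant next to the loop would help the next backporter.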