1
Candidate: CVE-2017-7244
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7244
5
https://blogs.gentoo.org/ago/2017/03/20/libpcre-invalid-memory-read-in-_pcre32_xclass-pcre_xclass-c/
7
The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40
8
allows remote attackers to cause a denial of service (invalid memory read)
12
mdeslaur> pcre32 support enabled only in pcre3/1:8.35-4
13
mdeslaur> same commit as CVE-2017-7186
15
https://bugs.exim.org/show_bug.cgi?id=2054
16
https://bugs.exim.org/show_bug.cgi?id=2052
17
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858683
19
Discovered-by: Agostino Sarubbo
23
upstream: https://vcs.pcre.org/pcre?view=revision&revision=1688
24
upstream_pcre3: released (2:8.39-3)
25
precise_pcre3: not-affected (code not present)
26
precise/esm_pcre3: not-affected (code not present)
27
trusty_pcre3: not-affected (code not present)
28
vivid/stable-phone-overlay_pcre3: ignored (reached end-of-life)
29
vivid/ubuntu-core_pcre3: ignored (reached end-of-life)
31
yakkety_pcre3: ignored (reached end-of-life)
32
zesty_pcre3: not-affected (2:8.39-3)
33
artful_pcre3: not-affected (2:8.39-3)
34
bionic_pcre3: not-affected (2:8.39-3)
35
devel_pcre3: not-affected (2:8.39-3)