-
Committer:
Package Import Robot
-
Author(s):
Jamie Strandboge
-
Date:
2008-03-20 14:29:07 UTC
-
Revision ID:
package-import@ubuntu.com-20080320142907-t8anwd0gl2vktsvw
Tags: 3.4.1a-1ubuntu1.6.10.1
* SECURITY UPDATE: possible read from and write to out of bounds memory
locations via back reference '\0' in regular expressions
* SECURITY UPDATE: denial of service due to memory exhaustion via a
crafted regular expression
* debian/patches/SECURITY_CVE-2007-4770_4771.patch: fix regexcmp.cpp to
return error on invalid back reference. fix rematch.cpp, uvectr32.h and
uvectr32.cpp to return error when capacity is greater than maxCapacity
* References
CVE-2007-4770
CVE-2007-4771