Your message dated Mon, 14 Jul 2008 18:47:07 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#488919: fixed in pcre3 7.6-2.1
has caused the Debian Bug report #488919,
regarding CVE-2008-2371: heap-based buffer overflow in PCRE
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
488919: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=488919
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: pcre3
Version: 7.6-2
Severity: grave
Hi,
there was a new GLib release yesterday that updates it's internal pcre
version to 7.7 because of a fix for CVE-2008-2371:
> * Update to PCRE 7.7
> - fix a heap-based buffer overflow in PCRE (CVE-2008-2371)
Please get pcre3 updated soonish, thanks :)
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
--- End Message ---
--- Begin Message ---
Source: pcre3
Source-Version: 7.6-2.1
We believe that the bug you reported is fixed in the latest version of
pcre3, which is due to be installed in the Debian FTP archive:
libpcre3-dbg_7.6-2.1_amd64.deb
to pool/main/p/pcre3/libpcre3-dbg_7.6-2.1_amd64.deb
libpcre3-dev_7.6-2.1_amd64.deb
to pool/main/p/pcre3/libpcre3-dev_7.6-2.1_amd64.deb
libpcre3-udeb_7.6-2.1_amd64.udeb
to pool/main/p/pcre3/libpcre3-udeb_7.6-2.1_amd64.udeb
libpcre3_7.6-2.1_amd64.deb
to pool/main/p/pcre3/libpcre3_7.6-2.1_amd64.deb
libpcrecpp0_7.6-2.1_amd64.deb
to pool/main/p/pcre3/libpcrecpp0_7.6-2.1_amd64.deb
pcre3_7.6-2.1.diff.gz
to pool/main/p/pcre3/pcre3_7.6-2.1.diff.gz
pcre3_7.6-2.1.dsc
to pool/main/p/pcre3/pcre3_7.6-2.1.dsc
pcregrep_7.6-2.1_amd64.deb
to pool/main/p/pcre3/pcregrep_7.6-2.1_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Nico Golde <[EMAIL PROTECTED]> (supplier of updated pcre3 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 14 Jul 2008 19:13:11 +0200
Source: pcre3
Binary: libpcre3 libpcre3-udeb libpcrecpp0 libpcre3-dev libpcre3-dbg pcregrep
Architecture: source amd64
Version: 7.6-2.1
Distribution: unstable
Urgency: high
Maintainer: Mark Baker <[EMAIL PROTECTED]>
Changed-By: Nico Golde <[EMAIL PROTECTED]>
Description:
libpcre3 - Perl 5 Compatible Regular Expression Library - runtime files
libpcre3-dbg - Perl 5 Compatible Regular Expression Library - debug symbols
libpcre3-dev - Perl 5 Compatible Regular Expression Library - development files
libpcre3-udeb - Perl 5 Compatible Regular Expression Library - runtime files
(ude (udeb)
libpcrecpp0 - Perl 5 Compatible Regular Expression Library - C++ runtime files
pcregrep - grep utility that uses perl 5 compatible regexes.
Closes: 476925 488919 489318
Changes:
pcre3 (7.6-2.1) unstable; urgency=high
.
* Non-maintainer upload.
* Fix heap overflow in the pcre compiler triggered by
patterns which contain options and multiple branches
(CVE-2008-2371; Closes: #488919).
* debian/rules (patch by Bryan Donlan): Update shlibdeps invocation for
libpcrecpp0 due to new symbols (Closes: #476925).
* debian/copyright: replace license information with the current license
information shipped with upstream sources (Closes: #489318).
Checksums-Sha1:
5c5cf4270443727736bf3ddd5cc52931025d5514 994 pcre3_7.6-2.1.dsc
8fddfe9c9bec7f83dfda4baf1b36908667846c11 17072 pcre3_7.6-2.1.diff.gz
dd0f8331048d98429c66c5f83a82535d616b5135 212562 libpcre3_7.6-2.1_amd64.deb
d09cf6c1dc16b36c577ca4508795dd93936349a2 73824 libpcre3-udeb_7.6-2.1_amd64.udeb
c3a4e3389d9e0a0f976984f3c97b8ae3d051b165 94224 libpcrecpp0_7.6-2.1_amd64.deb
ccce861a6346af941977bdc19aa5b7d2df1952ca 260032 libpcre3-dev_7.6-2.1_amd64.deb
6fa4bceec05774a8529e90bb7cda738be320152e 284498 libpcre3-dbg_7.6-2.1_amd64.deb
ff638063f7a736766ea779d0669d88f22ac4bb71 21538 pcregrep_7.6-2.1_amd64.deb
Checksums-Sha256:
f76ce5d67f3cd52ad009cc7e6bbdf384f3110b97ed13e1ad4d2f40f26dae6b68 994
pcre3_7.6-2.1.dsc
40de0d39048ece19f004faf6a70a9b24afa1a6d4048729b90569a71d0ac54e9d 17072
pcre3_7.6-2.1.diff.gz
8d95d775cd1de0697b30b032f273d7fe5eb6916278f341147470acc0b460badc 212562
libpcre3_7.6-2.1_amd64.deb
82a7c5f50df6c601dec61e1741b2e77ee16f5eda825a3fbeb9e7318aca8a4434 73824
libpcre3-udeb_7.6-2.1_amd64.udeb
ace835a305b12e7e5879d5902a962b16df060138adb437a493bc9407b15c86bd 94224
libpcrecpp0_7.6-2.1_amd64.deb
79870aca180c81a9dff279a77ccc6e2d8d600f0c4aeb241ad70fc735d7590cfc 260032
libpcre3-dev_7.6-2.1_amd64.deb
a407e94b3617e331effc34ec0a0089dab6d63e7cdd79867c616c5b951b8ca038 284498
libpcre3-dbg_7.6-2.1_amd64.deb
efadcfecb01d81b7d8bd33029432102bb32a2227f9ead985940fffae8969135c 21538
pcregrep_7.6-2.1_amd64.deb
Files:
1bb088b5f4640f1de760364cce1aab53 994 libs optional pcre3_7.6-2.1.dsc
d9161feccec8b87f98ffafa288bb0abf 17072 libs optional pcre3_7.6-2.1.diff.gz
b36e448c4465f8ca1d45b434b6349ec6 212562 libs important
libpcre3_7.6-2.1_amd64.deb
16d7f718617780a23af4229ca5629a94 73824 debian-installer important
libpcre3-udeb_7.6-2.1_amd64.udeb
9a40feb0d434945a0cbf77cff8f52fa3 94224 libs optional
libpcrecpp0_7.6-2.1_amd64.deb
1089cb8c710affbb3cb3d0f5e5672171 260032 libdevel optional
libpcre3-dev_7.6-2.1_amd64.deb
3dd4e0ca6f1cd74718bb682bbbb34b1a 284498 libdevel optional
libpcre3-dbg_7.6-2.1_amd64.deb
1f4f4998971ba01e35c2d3fd160aa021 21538 utils optional
pcregrep_7.6-2.1_amd64.deb
Package-Type: udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkh7mXcACgkQHYflSXNkfP9wVwCfbGyzN3BGOGYh/DOWbNKKdB9/
j/MAoJ4iwLWY66bPnCkbTXghxml5i3wU
=/WRC
-----END PGP SIGNATURE-----
--- End Message ---
