This bug was fixed in the package erlang - 1:12.b.3-dfsg-1ubuntu1.1
---------------
erlang (1:12.b.3-dfsg-1ubuntu1.1) intrepid-security; urgency=low
* SECURITY UPDATE: denial of service via Heap-based buffer overflow in
pcre_compile.c in the Perl-Compatible Regular Expression (PCRE)
library (LP: #535090)
- CVE-2008-2371
- debian/patches/pcre-crash.patch is cherrypicked from upstream commit
http://github.com/erlang/otp/commit/bb6370a2. The hunk for the
testsuite does not apply cleanly and is not needed for the fix so was
stripped. This fix is part of the current upstream OTP release R13B04.
-- Ralf Doering <rdoer...@netsys-it.de> Fri, 12 Mar 2010 15:57:04 +0100
--
CVE-2008-2371 (outer level option with alternatives caused crash)
https://bugs.launchpad.net/bugs/535090
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
