PHP :: Sec Bug #45408 :: bundled version of libpcre misses security fix for CVE-2008-2371

Sec Bug #45408	bundled version of libpcre misses security fix for CVE-2008-2371
Submitted:	2008-07-01 18:46 UTC	Modified:	2010-11-22 15:27 UTC
From:	hoffie at gentoo dot org	Assigned:	nlopess (profile)
Status:	Closed	Package:	PCRE related
PHP Version:	5.2.6	OS:	Irrelevant
Private report:	No	CVE-ID:	2008-2371

View Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	hoffie at gentoo dot org
New email:
PHP Version:		OS:

New/Additional Comment:

[2008-07-01 18:46 UTC] hoffie at gentoo dot org

Description:
------------
The bundled version of libpcre misses the security fix for CVE-2008-2371.

See http://bugs.gentoo.org/show_bug.cgi?id=228091 for details (including a patch).

http://overlays.gentoo.org/proj/php/browser/patches/php-patches/5.2.6/5.2.6/012_pcre-integer-overflow.patch

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2008-07-06 15:24 UTC] nlopess@php.net

patch applied, thanks!

[2010-11-16 02:06 UTC] felipe@php.net

-CVE-ID: +CVE-ID: 2008-2371

[2010-11-22 15:27 UTC] felipe@php.net

-Type: Bug +Type: Security

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Dec 26 19:01:30 2024 UTC