Hi Matthew, On Sun, Jan 03, 2016 at 10:59:04AM +0000, Matthew Vernon wrote: > Hi, > > On 03/01/16 06:36, Salvatore Bonaccorso wrote: > > >CVE-2016-1283[0]: > >PCRE Library Heap Overflow Vulnerability > > > >If you fix the vulnerability please also make sure to include the > >CVE (Common Vulnerabilities & Exposures) id in your changelog entry. > > > >No upstream commit is available at this time yet, but opening a bug to > >track the issue. > > Thanks. This doesn't affect PCRE2, and upstream don't seem confident of a > rapid fix for PCRE3. I'll keep an eye on the pcre-dev list for a suitable > patch.
Ack, came to the same conclusion while checking pcre2 as well. Thanks for keeping an eye on it. Thanks for all your work on pcre3 and pcre2. Regards, Salvatore
