Hi,
this is the update for pcre which contains the previous security fixes. Kind regards.
Index: Makefile =================================================================== RCS file: /cvs/ports/devel/pcre/Makefile,v retrieving revision 1.62 diff -u -p -r1.62 Makefile --- Makefile 1 Apr 2016 18:15:11 -0000 1.62 +++ Makefile 28 Jun 2016 10:57:06 -0000 @@ -2,8 +2,7 @@ COMMENT= perl-compatible regular expression library -DISTNAME= pcre-8.38 -REVISION= 0 +DISTNAME= pcre-8.39 SHARED_LIBS += pcre 3.0 # 0.1 SHARED_LIBS += pcre16 0.0 # 0.0 Index: distinfo =================================================================== RCS file: /cvs/ports/devel/pcre/distinfo,v retrieving revision 1.26 diff -u -p -r1.26 distinfo --- distinfo 25 Nov 2015 09:37:00 -0000 1.26 +++ distinfo 28 Jun 2016 10:57:06 -0000 @@ -1,2 +1,2 @@ -SHA256 (pcre-8.38.tar.gz) = mIPkGcM2xjsMtSArCVN8FAlm1YXk0NpmFH3FE9oT5ik= -SIZE (pcre-8.38.tar.gz) = 2053336 +SHA256 (pcre-8.39.tar.gz) = zN9+eIdpg4+ChbPuZy7VczWCAjBe42HP7HpKT7AFu8c= +SIZE (pcre-8.39.tar.gz) = 2062258 Index: patches/patch-pcre_compile_c =================================================================== RCS file: patches/patch-pcre_compile_c diff -N patches/patch-pcre_compile_c --- patches/patch-pcre_compile_c 1 Apr 2016 18:15:11 -0000 1.8 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,59 +0,0 @@ -$OpenBSD: patch-pcre_compile_c,v 1.8 2016/04/01 18:15:11 robert Exp $ - -CVE-2016-3191 - - Upstream commit: http://vcs.pcre.org/pcre?view=revision&revision=1631 - ---- pcre_compile.c.orig Tue Mar 22 20:27:48 2016 -+++ pcre_compile.c Tue Mar 22 20:39:59 2016 -@@ -6,7 +6,7 @@ - and semantics are as close as possible to those of the Perl 5 language. - - Written by Philip Hazel -- Copyright (c) 1997-2014 University of Cambridge -+ Copyright (c) 1997-2016 University of Cambridge - - ----------------------------------------------------------------------------- - Redistribution and use in source and binary forms, with or without -@@ -560,6 +560,7 @@ static const char error_texts[] = - /* 85 */ - "parentheses are too deeply nested (stack check)\0" - "digits missing in \\x{} or \\o{}\0" -+ "regular expression is too complicated\0" - ; - - /* Table to identify digits and hex digits. This is used when compiling -@@ -4591,7 +4592,8 @@ for (;; ptr++) - if (code > cd->start_workspace + cd->workspace_size - - WORK_SIZE_SAFETY_MARGIN) /* Check for overrun */ - { -- *errorcodeptr = ERR52; -+ *errorcodeptr = (code >= cd->start_workspace + cd->workspace_size)? -+ ERR52 : ERR87; - goto FAILED; - } - -@@ -6604,8 +6606,21 @@ for (;; ptr++) - cd->had_accept = TRUE; - for (oc = cd->open_caps; oc != NULL; oc = oc->next) - { -- *code++ = OP_CLOSE; -- PUT2INC(code, 0, oc->number); -+ if (lengthptr != NULL) -+ { -+#ifdef COMPILE_PCRE8 -+ *lengthptr += 1 + IMM2_SIZE; -+#elif defined COMPILE_PCRE16 -+ *lengthptr += 2 + IMM2_SIZE; -+#elif defined COMPILE_PCRE32 -+ *lengthptr += 4 + IMM2_SIZE; -+#endif -+ } -+ else -+ { -+ *code++ = OP_CLOSE; -+ PUT2INC(code, 0, oc->number); -+ } - } - setverb = *code++ = - (cd->assert_depth > 0)? OP_ASSERT_ACCEPT : OP_ACCEPT; Index: patches/patch-pcre_internal_h =================================================================== RCS file: patches/patch-pcre_internal_h diff -N patches/patch-pcre_internal_h --- patches/patch-pcre_internal_h 1 Apr 2016 18:15:11 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,26 +0,0 @@ -$OpenBSD: patch-pcre_internal_h,v 1.1 2016/04/01 18:15:11 robert Exp $ - -CVE-2016-3191 - - Upstream commit: http://vcs.pcre.org/pcre?view=revision&revision=1631 - ---- pcre_internal.h.orig Tue Mar 22 20:28:40 2016 -+++ pcre_internal.h Tue Mar 22 20:30:29 2016 -@@ -7,7 +7,7 @@ - and semantics are as close as possible to those of the Perl 5 language. - - Written by Philip Hazel -- Copyright (c) 1997-2014 University of Cambridge -+ Copyright (c) 1997-2016 University of Cambridge - - ----------------------------------------------------------------------------- - Redistribution and use in source and binary forms, with or without -@@ -2289,7 +2289,7 @@ enum { ERR0, ERR1, ERR2, ERR3, ERR4, ERR5, ERR6, - ERR50, ERR51, ERR52, ERR53, ERR54, ERR55, ERR56, ERR57, ERR58, ERR59, - ERR60, ERR61, ERR62, ERR63, ERR64, ERR65, ERR66, ERR67, ERR68, ERR69, - ERR70, ERR71, ERR72, ERR73, ERR74, ERR75, ERR76, ERR77, ERR78, ERR79, -- ERR80, ERR81, ERR82, ERR83, ERR84, ERR85, ERR86, ERRCOUNT }; -+ ERR80, ERR81, ERR82, ERR83, ERR84, ERR85, ERR86, ERR87, ERRCOUNT }; - - /* JIT compiling modes. The function list is indexed by them. */ - Index: patches/patch-pcreposix_c =================================================================== RCS file: patches/patch-pcreposix_c diff -N patches/patch-pcreposix_c --- patches/patch-pcreposix_c 1 Apr 2016 18:15:11 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,27 +0,0 @@ -$OpenBSD: patch-pcreposix_c,v 1.1 2016/04/01 18:15:11 robert Exp $ - -CVE-2016-3191 - - Upstream commit: http://vcs.pcre.org/pcre?view=revision&revision=1631 - ---- pcreposix.c.orig Tue Mar 22 20:27:39 2016 -+++ pcreposix.c Tue Mar 22 20:27:55 2016 -@@ -6,7 +6,7 @@ - and semantics are as close as possible to those of the Perl 5 language. - - Written by Philip Hazel -- Copyright (c) 1997-2014 University of Cambridge -+ Copyright (c) 1997-2016 University of Cambridge - - ----------------------------------------------------------------------------- - Redistribution and use in source and binary forms, with or without -@@ -173,7 +173,8 @@ static const int eint[] = { - REG_BADPAT, /* group name must start with a non-digit */ - /* 85 */ - REG_BADPAT, /* parentheses too deeply nested (stack check) */ -- REG_BADPAT /* missing digits in \x{} or \o{} */ -+ REG_BADPAT, /* missing digits in \x{} or \o{} */ -+ REG_BADPAT /* pattern too complicated */ - }; - - /* Table of texts corresponding to POSIX error codes */ Index: pkg/PLIST =================================================================== RCS file: /cvs/ports/devel/pcre/pkg/PLIST,v retrieving revision 1.19 diff -u -p -r1.19 PLIST --- pkg/PLIST 17 May 2015 15:18:37 -0000 1.19 +++ pkg/PLIST 28 Jun 2016 10:57:06 -0000 @@ -1,7 +1,7 @@ @comment $OpenBSD: PLIST,v 1.19 2015/05/17 15:18:37 robert Exp $ bin/pcre-config -bin/pcregrep -bin/pcretest +@bin bin/pcregrep +@bin bin/pcretest include/pcre.h include/pcre_scanner.h include/pcre_stringpiece.h
