https://bugzilla.redhat.com/show_bug.cgi?id=1312782 --- Comment #1 from Adam Mariš <amaris(a)redhat.com&gt; --- Acknowledgments: Name: Adam Mariš (Red Hat) -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.redhat.com/show_bug.cgi?id=1312782 --- Comment #3 from Adam Mariš <amaris(a)redhat.com&gt; --- Created glib2 tracking bugs for this issue: Affects: fedora-all [bug 1312789] -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.redhat.com/show_bug.cgi?id=1312782 --- Comment #5 from Adam Mariš <amaris(a)redhat.com&gt; --- Created mingw-pcre tracking bugs for this issue: Affects: fedora-all [bug 1312788] Affects: epel-7 [bug 1312793] -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.redhat.com/show_bug.cgi?id=1312782 --- Comment #6 from Tomas Hoger <thoger(a)redhat.com&gt; --- Minimal reproducer is: //G \O1 -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.redhat.com/show_bug.cgi?id=1312782 Bug 1312782 depends on bug 1312786, which changed state. Bug 1312786 Summary: pcre: Heap buffer overflow in pcretest causing infinite loop [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1312786 What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.redhat.com/show_bug.cgi?id=1312782 Tomas Hoger <thoger(a)redhat.com&gt; changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|medium |unspecified Status|NEW |CLOSED Fixed In Version| |pcre 8.39 Resolution|--- |NOTABUG Summary|pcre: Heap buffer overflow |pcre: Heap buffer overflow |in pcretest causing |in pcretest causing |infinite loop |infinite loop (8.39/15) Whiteboard|impact=moderate,public=2016 |impact=none,public=20160114 |0114,reported=20160114,sour |,reported=20160114,source=r |ce=redhat,cvss2=4.3/AV:N/AC |edhat,cwe=CWE-122,rhel-5/pc |:M/Au:N/C:N/I:N/A:P,cwe=CWE |re=new,rhel-6/pcre=new,rhel |-122,rhel-5/pcre=new,rhel-6 |-7/pcre=new,rhel-6/glib2=ne |/pcre=new,rhel-7/pcre=new,r |w,rhel-7/glib2=new,rhel-7/v |hel-6/glib2=new,rhel-7/glib |irtuoso-opensource=new,rhsc |2=new,rhel-7/virtuoso-opens |l-2/php54-php=new,rhscl-2/p |ource=new,rhscl-2/php54-php |hp55-php=new,rhscl-2/rh-php |=new,rhscl-2/php55-php=new, |56-php=new,rhscl-2/rh-maria |rhscl-2/rh-php56-php=new,rh |db100-mariadb=new,rhscl-2/r |scl-2/rh-mariadb100-mariadb |h-mariadb101-mariadb=new,jb |=new,rhscl-2/rh-mariadb101- |ews-1/httpd=new,jbews-2/htt |mariadb=new,jbews-1/httpd=n |pd=new,jbews-3/pcre=new,dir |ew,jbews-2/httpd=new,jbews- |ectory_server_8/pcre=new,fe |3/pcre=new,directory_server |dora-all/pcre=affected,fedo |_8/pcre=new,fedora-all/pcre |ra-all/mingw-pcre=affected, |=affected,fedora-all/mingw- |fedora-all/glib2=affected,f |pcre=affected,fedora-all/gl |edora-all/mingw-glib2=affec |ib2=affected,fedora-all/min |ted,epel-7/mingw-pcre=affec |gw-glib2=affected,epel-7/mi |ted,epel-7/mingw-glib2=affe |ngw-pcre=affected,epel-7/mi |cted |ngw-glib2=affected | Severity|medium |unspecified Last Closed| |2016-03-17 10:06:19 --- Comment #9 from Tomas Hoger <thoger(a)redhat.com&gt; --- This is similar to bug 1285413 comment 7 and not relevant / security for the same reasons - pcretest is an application used for testing the pcre library. It offers ways to use the library in ways that are incorrect with respect to the documented API. Additionally, as this flaw is in the pcretest application, components that embed the pcre library while not using pcretest (e.g. glib2 mentioned above) could not have been affected. Upstream version 8.13 is the first where infinite loop is triggered, valgrind reports "Conditional jump or move depends on uninitialised value(s)" error in earlier versions. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.redhat.com/show_bug.cgi?id=1312782 Bug 1312782 depends on bug 1312789, which changed state. Bug 1312789 Summary: glib2: pcre: Heap buffer overflow in pcretest causing infinite loop [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1312789 What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.redhat.com/show_bug.cgi?id=1312782 Bug 1312782 depends on bug 1312794, which changed state. Bug 1312794 Summary: mingw-glib2: pcre: Heap buffer overflow in pcretest causing infinite loop [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1312794 What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG -- You are receiving this mail because: You are on the CC list for the bug.