Andreas Stieger 2017-09-11 19:12:21 +00:00 committed by Git OBS Bridge
parent 10f9ed3570
commit d038c3e571

View File

@ -25,6 +25,13 @@ Mon Sep 11 18:14:30 UTC 2017 - jengelh@inai.de
* The match limit value now also applies to pcre2_dfa_match()
as there are patterns that can use up a lot of resources
without necessarily recursing very deeply.
* Various minor security fixes found by fuzzers:
+ bsc#1037165: crash for forward reference in lookbehind with
PCRE2_ANCHORED
+ CVE-2017-8786: heap-based buffer overflow write in pcre2test
(bsc#1036942)
+ CVE-2017-7186: DoS by triggering an invalid Unicode property
lookup (bsc#1030066)
- Switch source URLs to use HTTP.
-------------------------------------------------------------------