From a4d9dbd0efcea8df42e9f6ff49b2f5a142a70041 Mon Sep 17 00:00:00 2001 From: tabthorpe <tabthorpe@FreeBSD.org> Date: Sat, 1 Mar 2008 04:08:11 +0000 Subject: - Document pcre -- buffer overflow vulnerability PR: ports/121224 Submitted by: Nick Barkas <snb threerings.net> --- security/vuxml/vuln.xml | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) (limited to 'security') diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 6b8096e01572..011b8dbb02c3 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,35 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="f9e96930-e6df-11dc-8c6a-00304881ac9a"> + <topic>pcre -- buffer overflow vulnerability</topic> + <affects> + <package> + <name>pcre</name> + <range><lt>7.6</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>PCRE developers report:</p> + <blockquote cite="http://pcre.org/changelog.txt"> + <p>A character class containing a very large number of characters with + codepoints greater than 255 (in UTF-8 mode, of course) caused a + buffer overflow.</p> + </blockquote> + </body> + </description> + <references> + <bid>27786</bid> + <cvename>CVE-2008-0674</cvename> + <url>http://pcre.org/changelog.txt</url> + </references> + <dates> + <discovery>2008-01-28</discovery> + <entry>2008-02-29</entry> + </dates> + </vuln> + <vuln vid="e8a6a16d-e498-11dc-bb89-000bcdc1757a"> <topic>libxine -- buffer overflow vulnerability</topic> <affects> -- cgit