5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.029 Low
EPSS
Percentile
90.6%
CentOS Errata and Security Advisory CESA-2015:0330
PCRE is a Perl-compatible regular expression library.
A flaw was found in the way PCRE handled certain malformed regular
expressions. This issue could cause an application (for example, Konqueror)
linked against PCRE to crash while parsing malicious regular expressions.
(CVE-2014-8964)
This update also adds the following enhancement:
All pcre users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue and add this enhancement.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-cr-announce/2015-March/028008.html
Affected packages:
pcre
pcre-devel
pcre-static
pcre-tools
Upstream details at:
https://access.redhat.com/errata/RHSA-2015:0330
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 7 | i686 | pcre | < 8.32-14.el7 | pcre-8.32-14.el7.i686.rpm |
CentOS | 7 | x86_64 | pcre | < 8.32-14.el7 | pcre-8.32-14.el7.x86_64.rpm |
CentOS | 7 | i686 | pcre-devel | < 8.32-14.el7 | pcre-devel-8.32-14.el7.i686.rpm |
CentOS | 7 | x86_64 | pcre-devel | < 8.32-14.el7 | pcre-devel-8.32-14.el7.x86_64.rpm |
CentOS | 7 | i686 | pcre-static | < 8.32-14.el7 | pcre-static-8.32-14.el7.i686.rpm |
CentOS | 7 | x86_64 | pcre-static | < 8.32-14.el7 | pcre-static-8.32-14.el7.x86_64.rpm |
CentOS | 7 | x86_64 | pcre-tools | < 8.32-14.el7 | pcre-tools-8.32-14.el7.x86_64.rpm |