Package : pcre3 Version : 8.02-1.1+deb6u1 Debian Bug : 815921
HP's Zero Day Initiative has identified a vulnerability affecting the pcre3 package. It was assigned ZDI id ZDI-CAN-3542. A CVE identifier has not been assigned yet.
PCRE Regular Expression Compilation Stack Buffer Overflow Remote Code Execution Vulnerability.
PCRE did not validate that handling the (*ACCEPT) verb will occur within the bounds of the cworkspace stack buffer, leading to a stack buffer overflow.
For Debian 6 "Squeeze", these problems have been fixed in version 8.02-1.1+deb6u1.
We recommend that you upgrade your pcre3 packages.