a. Updated pcre Service Console package addresses several security issues
The pcre package contains the Perl-Compatible Regular Expression library.
pcre is used by various Service Console utilities.
Several security issues were discovered in the way PCRE handles regular expressions. If an application linked against PCRE parsed a malicious regular expression, it may have been possible to run arbitrary code as the user running the application.
VMware would like to thank Ludwig Nussel for reporting these issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2006-7228 and CVE-2007-1660 to these issues.
RPM Updated:
pcre-3.9-10.4.i386.rpm
VMware ESX 3.5 patch ESX350-200803214-UG(pcre, net-snmp)
VMware ESX 3.0.2 patch ESX-1004217(pcre)
VMware ESX 3.0.1 patch ESX-1004187(pcre)