Oval Definition:oval:com.redhat.rhsa:def:20070967
Revision Date:2007-11-05Version:635
Title:RHSA-2007:0967: pcre security update (Critical)
Description:PCRE is a Perl-compatible regular expression library.

  • Multiple flaws were found in the way pcre handles certain malformed regular expressions. If an application linked against pcre, such as Konqueror, parses a malicious regular expression, it may be possible to run arbitrary code as the user running the application. (CVE-2007-1659, CVE-2007-1660)

    Users of pcre are advised to upgrade to these updated packages, which contain backported patches to correct these issues.

    Red Hat would like to thank Tavis Ormandy and Will Drewry for properly disclosing these issues.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2007-1659
    CVE-2007-1660
    RHSA-2007:0967
    RHSA-2007:0967-02
    RHSA-2007:0967-02
    Platform(s):Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • pcre is earlier than 0:6.6-2.el5_0.1
  • AND pcre is signed with Red Hat redhatrelease2 key
  • pcre-devel is earlier than 0:6.6-2.el5_0.1
  • AND pcre-devel is signed with Red Hat redhatrelease2 key
    • BACK