| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2017-08-29 | libpcre2: Fix CVE-2017-7186rbt/pcre |   Robert Yang | |
| A fuzz on libpcre1 through the pcretest utility revealed an invalid read in the library. For who is interested in a detailed description of the bug, will follow a feedback from upstream: This was a genuine bug in the 32-bit library. Thanks for finding it. The crash was caused by trying to find a Unicode property for a code value greater than 0x10ffff, the Unicode maximum, when running in non-UTF mode (where character values can be up to 0xffffffff). Signed-off-by: Robert Yang <liezhi.yang@windriver.com> | |||
| 2017-08-29 | libpcre2: Fix CVE-2017-8786 | Robert Yang | |
| The pcre2test.c in PCRE2 10.23 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression. Signed-off-by: Robert Yang <liezhi.yang@windriver.com> | |||
| 2017-02-23 | libpcre2: add it for newer vte | Robert Yang | |
| There are two major versions of the PCRE library. The newest version, PCRE2, was released in 2015 and is at version 10.22. The original, very widely deployed PCRE library, originally released in 1997, is at version 8.40, and the API and feature set are stable, future releases will be for bugfixes only. All new future features will be to PCRE2, not the original PCRE 8.x series. The newer vte depends on libpcre2, so add it. (From OE-Core rev: f7165d379cb67c4d4918a8a3e9509d3d823d61da) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> | |||
 |
index : openembedded-core-contrib | |
| OpenEmbedded Core user contribution trees | Grokmirror user |
| aboutsummaryrefslogtreecommitdiffstats |