Upstream information

CVE-2008-2371 at MITRE

Description

Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having important severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 7.5
Vector AV:N/AC:L/Au:N/C:P/I:P/A:P
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial
SUSE Bugzilla entries: 400013 [RESOLVED / FIXED], 992991 [RESOLVED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Server 11 SP1
  • glib2 >= 2.22.5-0.2.23
  • glib2-doc >= 2.22.5-0.2.23
  • glib2-lang >= 2.22.5-0.2.23
  • libgio-2_0-0 >= 2.22.5-0.2.23
  • libgio-2_0-0-32bit >= 2.22.5-0.2.23
  • libgio-2_0-0-x86 >= 2.22.5-0.2.23
  • libglib-2_0-0 >= 2.22.5-0.2.23
  • libglib-2_0-0-32bit >= 2.22.5-0.2.23
  • libglib-2_0-0-x86 >= 2.22.5-0.2.23
  • libgmodule-2_0-0 >= 2.22.5-0.2.23
  • libgmodule-2_0-0-32bit >= 2.22.5-0.2.23
  • libgmodule-2_0-0-x86 >= 2.22.5-0.2.23
  • libgobject-2_0-0 >= 2.22.5-0.2.23
  • libgobject-2_0-0-32bit >= 2.22.5-0.2.23
  • libgobject-2_0-0-x86 >= 2.22.5-0.2.23
  • libgthread-2_0-0 >= 2.22.5-0.2.23
  • libgthread-2_0-0-32bit >= 2.22.5-0.2.23
  • libgthread-2_0-0-x86 >= 2.22.5-0.2.23
Patchnames:
SUSE Linux Enterprise Server 11 SP1 GA glib2
SUSE Linux Enterprise Server 11 SP2
  • glib2 >= 2.22.5-0.2.23
  • glib2-doc >= 2.22.5-0.2.23
  • glib2-lang >= 2.22.5-0.2.23
  • libgio-2_0-0 >= 2.22.5-0.2.23
  • libgio-2_0-0-32bit >= 2.22.5-0.2.23
  • libgio-2_0-0-x86 >= 2.22.5-0.2.23
  • libglib-2_0-0 >= 2.22.5-0.2.23
  • libglib-2_0-0-32bit >= 2.22.5-0.2.23
  • libglib-2_0-0-x86 >= 2.22.5-0.2.23
  • libgmodule-2_0-0 >= 2.22.5-0.2.23
  • libgmodule-2_0-0-32bit >= 2.22.5-0.2.23
  • libgmodule-2_0-0-x86 >= 2.22.5-0.2.23
  • libgobject-2_0-0 >= 2.22.5-0.2.23
  • libgobject-2_0-0-32bit >= 2.22.5-0.2.23
  • libgobject-2_0-0-x86 >= 2.22.5-0.2.23
  • libgthread-2_0-0 >= 2.22.5-0.2.23
  • libgthread-2_0-0-32bit >= 2.22.5-0.2.23
  • libgthread-2_0-0-x86 >= 2.22.5-0.2.23
Patchnames:
SUSE Linux Enterprise Server 11 SP2 GA glib2
SUSE Linux Enterprise Server 11 SP3
  • glib2 >= 2.22.5-0.8.8.1
  • glib2-doc >= 2.22.5-0.8.8.1
  • glib2-lang >= 2.22.5-0.8.8.1
  • libgio-2_0-0 >= 2.22.5-0.8.8.1
  • libgio-2_0-0-32bit >= 2.22.5-0.8.8.1
  • libgio-2_0-0-x86 >= 2.22.5-0.8.8.1
  • libglib-2_0-0 >= 2.22.5-0.8.8.1
  • libglib-2_0-0-32bit >= 2.22.5-0.8.8.1
  • libglib-2_0-0-x86 >= 2.22.5-0.8.8.1
  • libgmodule-2_0-0 >= 2.22.5-0.8.8.1
  • libgmodule-2_0-0-32bit >= 2.22.5-0.8.8.1
  • libgmodule-2_0-0-x86 >= 2.22.5-0.8.8.1
  • libgobject-2_0-0 >= 2.22.5-0.8.8.1
  • libgobject-2_0-0-32bit >= 2.22.5-0.8.8.1
  • libgobject-2_0-0-x86 >= 2.22.5-0.8.8.1
  • libgthread-2_0-0 >= 2.22.5-0.8.8.1
  • libgthread-2_0-0-32bit >= 2.22.5-0.8.8.1
  • libgthread-2_0-0-x86 >= 2.22.5-0.8.8.1
Patchnames:
SUSE Linux Enterprise Server 11 SP3 GA glib2
SUSE Linux Enterprise Server 11 SP4
  • glib2 >= 2.22.5-0.8.14.1
  • glib2-doc >= 2.22.5-0.8.14.1
  • glib2-lang >= 2.22.5-0.8.14.1
  • libgio-2_0-0 >= 2.22.5-0.8.14.1
  • libgio-2_0-0-32bit >= 2.22.5-0.8.14.1
  • libgio-2_0-0-x86 >= 2.22.5-0.8.14.1
  • libglib-2_0-0 >= 2.22.5-0.8.14.1
  • libglib-2_0-0-32bit >= 2.22.5-0.8.14.1
  • libglib-2_0-0-x86 >= 2.22.5-0.8.14.1
  • libgmodule-2_0-0 >= 2.22.5-0.8.14.1
  • libgmodule-2_0-0-32bit >= 2.22.5-0.8.14.1
  • libgmodule-2_0-0-x86 >= 2.22.5-0.8.14.1
  • libgobject-2_0-0 >= 2.22.5-0.8.14.1
  • libgobject-2_0-0-32bit >= 2.22.5-0.8.14.1
  • libgobject-2_0-0-x86 >= 2.22.5-0.8.14.1
  • libgthread-2_0-0 >= 2.22.5-0.8.14.1
  • libgthread-2_0-0-32bit >= 2.22.5-0.8.14.1
  • libgthread-2_0-0-x86 >= 2.22.5-0.8.14.1
Patchnames:
SUSE Linux Enterprise Server 11 SP4 GA glib2
SUSE Linux Enterprise Software Development Kit 11 SP4
  • glib2-devel >= 2.22.5-0.8.14.1
  • glib2-devel-32bit >= 2.22.5-0.8.14.1
  • glib2-doc >= 2.22.5-0.8.14.1
  • libgio-fam >= 2.22.5-0.8.14.1
Patchnames:
SUSE Linux Enterprise Software Development Kit 11 SP4 GA glib2-devel
openSUSE 11.0
  • pcre >= 7.6-22.2
  • pcre-32bit >= 7.6-22.2
  • pcre-64bit >= 7.6-22.2
  • pcre-devel >= 7.6-22.2