Security update for pcre

SUSE Security Update: Security update for pcre
Announcement ID: SUSE-SU-2016:2971-1
Rating: moderate
References: #906574 #924960 #933288 #933878 #936227 #942865 #957566 #957567 #957598 #957600 #960837 #971741 #972127
Affected Products:
  • SUSE Linux Enterprise Workstation Extension 12-SP2
  • SUSE Linux Enterprise Workstation Extension 12-SP1
  • SUSE Linux Enterprise Software Development Kit 12-SP2
  • SUSE Linux Enterprise Software Development Kit 12-SP1
  • SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
  • SUSE Linux Enterprise Server 12-SP2
  • SUSE Linux Enterprise Server 12-SP1
  • SUSE Linux Enterprise High Availability 12-SP2
  • SUSE Linux Enterprise High Availability 12-SP1
  • SUSE Linux Enterprise Desktop 12-SP2
  • SUSE Linux Enterprise Desktop 12-SP1

  • An update that fixes 25 vulnerabilities is now available.

    Description:


    This update for pcre to version 8.39 (bsc#972127) fixes several issues.

    If you use pcre extensively please be aware that this is an update to a
    new version. Please make sure that your software works with the updated
    version.

    This version fixes a number of vulnerabilities that affect pcre and
    applications using the libary when accepting untrusted input as regular
    expressions or as part thereof. Remote attackers could have caused the
    application to crash, disclose information or potentially execute
    arbitrary code. These security issues were fixed:

    - CVE-2014-8964: Heap-based buffer overflow in PCRE allowed remote
    attackers to cause a denial of service (crash) or have other unspecified
    impact via a crafted regular expression, related to an assertion that
    allows zero repeats (bsc#906574).
    - CVE-2015-2325: Heap buffer overflow in compile_branch() (bsc#924960).
    - CVE-2015-3210: Heap buffer overflow in pcre_compile2() / compile_regex()
    (bsc#933288)
    - CVE-2015-3217: PCRE Library Call Stack Overflow Vulnerability in match()
    (bsc#933878).
    - CVE-2015-5073: Library Heap Overflow Vulnerability in find_fixedlength()
    (bsc#936227).
    - bsc#942865: heap overflow in compile_regex()
    - CVE-2015-8380: The pcre_exec function in pcre_exec.c mishandled a //
    pattern with a \01 string, which allowed remote attackers to cause a
    denial of service (heap-based buffer overflow) or possibly have
    unspecified other impact via a crafted regular expression, as
    demonstrated by a JavaScript RegExp object encountered by Konqueror
    (bsc#957566).
    - CVE-2015-2327: PCRE mishandled certain patterns with internal recursive
    back references, which allowed remote attackers to cause a denial of
    service (segmentation fault) or possibly have unspecified other impact
    via a crafted regular expression, as demonstrated by a JavaScript RegExp
    object encountered by Konqueror (bsc#957567).
    - bsc#957598: Various security issues
    - CVE-2015-8381: Heap Overflow in compile_regex() (bsc#957598).
    - CVE-2015-8382: Regular Expression Uninitialized Pointer Information
    Disclosure Vulnerability (ZDI-CAN-2547)(bsc#957598).
    - CVE-2015-8383: Buffer overflow caused by repeated conditional
    group(bsc#957598).
    - CVE-2015-8384: Buffer overflow caused by recursive back reference by
    name within certain group(bsc#957598).
    - CVE-2015-8385: Buffer overflow caused by forward reference by name to
    certain group(bsc#957598).
    - CVE-2015-8386: Buffer overflow caused by lookbehind
    assertion(bsc#957598).
    - CVE-2015-8387: Integer overflow in subroutine calls(bsc#957598).
    - CVE-2015-8388: Buffer overflow caused by certain patterns with an
    unmatched closing parenthesis(bsc#957598).
    - CVE-2015-8389: Infinite recursion in JIT compiler when processing
    certain patterns(bsc#957598).
    - CVE-2015-8390: Reading from uninitialized memory when processing certain
    patterns(bsc#957598).
    - CVE-2015-8391: Some pathological patterns causes pcre_compile() to run
    for a very long time(bsc#957598).
    - CVE-2015-8392: Buffer overflow caused by certain patterns with
    duplicated named groups(bsc#957598).
    - CVE-2015-8393: Information leak when running pcgrep -q on crafted
    binary(bsc#957598).
    - CVE-2015-8394: Integer overflow caused by missing check for certain
    conditions(bsc#957598).
    - CVE-2015-8395: Buffer overflow caused by certain references(bsc#957598).
    - CVE-2015-2328: PCRE mishandled the /((?(R)a|(?1)))+/ pattern and related
    patterns with certain recursion, which allowed remote attackers to cause
    a denial of service (segmentation fault) or possibly have unspecified
    other impact via a crafted regular expression (bsc#957600).
    - CVE-2016-1283: The pcre_compile2 function in pcre_compile.c in PCRE
    mishandled certain patterns with named subgroups, which allowed remote
    attackers to cause a denial of service (heap-based buffer overflow) or
    possibly have unspecified other impact via a crafted regular expression
    (bsc#960837).
    - CVE-2016-3191: The compile_branch function in pcre_compile.c in
    pcre2_compile.c mishandled patterns containing an (*ACCEPT) substring in
    conjunction with nested parentheses, which allowed remote attackers to
    execute arbitrary code or cause a denial of service (stack-based buffer
    overflow) via a crafted regular expression (bsc#971741).

    These non-security issues were fixed:
    - JIT compiler improvements
    - performance improvements
    - The Unicode data tables have been updated to Unicode 7.0.0.

    Patch Instructions:

    To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product:

    • SUSE Linux Enterprise Workstation Extension 12-SP2:
      zypper in -t patch SUSE-SLE-WE-12-SP2-2016-1744=1
    • SUSE Linux Enterprise Workstation Extension 12-SP1:
      zypper in -t patch SUSE-SLE-WE-12-SP1-2016-1744=1
    • SUSE Linux Enterprise Software Development Kit 12-SP2:
      zypper in -t patch SUSE-SLE-SDK-12-SP2-2016-1744=1
    • SUSE Linux Enterprise Software Development Kit 12-SP1:
      zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-1744=1
    • SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:
      zypper in -t patch SUSE-SLE-RPI-12-SP2-2016-1744=1
    • SUSE Linux Enterprise Server 12-SP2:
      zypper in -t patch SUSE-SLE-SERVER-12-SP2-2016-1744=1
    • SUSE Linux Enterprise Server 12-SP1:
      zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-1744=1
    • SUSE Linux Enterprise High Availability 12-SP2:
      zypper in -t patch SUSE-SLE-HA-12-SP2-2016-1744=1
    • SUSE Linux Enterprise High Availability 12-SP1:
      zypper in -t patch SUSE-SLE-HA-12-SP1-2016-1744=1
    • SUSE Linux Enterprise Desktop 12-SP2:
      zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2016-1744=1
    • SUSE Linux Enterprise Desktop 12-SP1:
      zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-1744=1

    To bring your system up-to-date, use "zypper patch".

    Package List:

    • SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64):
      • libpcrecpp0-32bit-8.39-5.1
      • libpcrecpp0-8.39-5.1
      • libpcrecpp0-debuginfo-32bit-8.39-5.1
      • libpcrecpp0-debuginfo-8.39-5.1
      • pcre-debugsource-8.39-5.1
    • SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64):
      • libpcrecpp0-32bit-8.39-5.1
      • libpcrecpp0-8.39-5.1
      • libpcrecpp0-debuginfo-32bit-8.39-5.1
      • libpcrecpp0-debuginfo-8.39-5.1
      • pcre-debugsource-8.39-5.1
    • SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64):
      • libpcrecpp0-8.39-5.1
      • libpcrecpp0-debuginfo-8.39-5.1
      • libpcreposix0-8.39-5.1
      • libpcreposix0-debuginfo-8.39-5.1
      • pcre-debugsource-8.39-5.1
      • pcre-devel-8.39-5.1
      • pcre-devel-static-8.39-5.1
      • pcre-tools-8.39-5.1
      • pcre-tools-debuginfo-8.39-5.1
    • SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64):
      • libpcrecpp0-8.39-5.1
      • libpcrecpp0-debuginfo-8.39-5.1
      • libpcreposix0-8.39-5.1
      • libpcreposix0-debuginfo-8.39-5.1
      • pcre-debugsource-8.39-5.1
      • pcre-devel-8.39-5.1
      • pcre-devel-static-8.39-5.1
      • pcre-tools-8.39-5.1
      • pcre-tools-debuginfo-8.39-5.1
    • SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64):
      • libpcre1-8.39-5.1
      • libpcre1-debuginfo-8.39-5.1
      • libpcre16-0-8.39-5.1
      • libpcre16-0-debuginfo-8.39-5.1
      • pcre-debugsource-8.39-5.1
    • SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64):
      • libpcre1-8.39-5.1
      • libpcre1-debuginfo-8.39-5.1
      • libpcre16-0-8.39-5.1
      • libpcre16-0-debuginfo-8.39-5.1
      • pcre-debugsource-8.39-5.1
    • SUSE Linux Enterprise Server 12-SP2 (x86_64):
      • libpcre1-32bit-8.39-5.1
      • libpcre1-debuginfo-32bit-8.39-5.1
    • SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64):
      • libpcre1-8.39-5.1
      • libpcre1-debuginfo-8.39-5.1
      • libpcre16-0-8.39-5.1
      • libpcre16-0-debuginfo-8.39-5.1
      • pcre-debugsource-8.39-5.1
    • SUSE Linux Enterprise Server 12-SP1 (s390x x86_64):
      • libpcre1-32bit-8.39-5.1
      • libpcre1-debuginfo-32bit-8.39-5.1
    • SUSE Linux Enterprise High Availability 12-SP2 (ppc64le s390x x86_64):
      • libpcreposix0-8.39-5.1
      • libpcreposix0-debuginfo-8.39-5.1
      • pcre-debugsource-8.39-5.1
    • SUSE Linux Enterprise High Availability 12-SP1 (ppc64le s390x x86_64):
      • libpcreposix0-8.39-5.1
      • libpcreposix0-debuginfo-8.39-5.1
      • pcre-debugsource-8.39-5.1
    • SUSE Linux Enterprise Desktop 12-SP2 (x86_64):
      • libpcre1-32bit-8.39-5.1
      • libpcre1-8.39-5.1
      • libpcre1-debuginfo-32bit-8.39-5.1
      • libpcre1-debuginfo-8.39-5.1
      • libpcre16-0-8.39-5.1
      • libpcre16-0-debuginfo-8.39-5.1
      • libpcrecpp0-32bit-8.39-5.1
      • libpcrecpp0-8.39-5.1
      • libpcrecpp0-debuginfo-32bit-8.39-5.1
      • libpcrecpp0-debuginfo-8.39-5.1
      • pcre-debugsource-8.39-5.1
    • SUSE Linux Enterprise Desktop 12-SP1 (x86_64):
      • libpcre1-32bit-8.39-5.1
      • libpcre1-8.39-5.1
      • libpcre1-debuginfo-32bit-8.39-5.1
      • libpcre1-debuginfo-8.39-5.1
      • libpcre16-0-8.39-5.1
      • libpcre16-0-debuginfo-8.39-5.1
      • libpcrecpp0-32bit-8.39-5.1
      • libpcrecpp0-8.39-5.1
      • libpcrecpp0-debuginfo-32bit-8.39-5.1
      • libpcrecpp0-debuginfo-8.39-5.1
      • pcre-debugsource-8.39-5.1

    References: