[pkg-xtuple-maintainers] Bug#778398: Henry Spencer regular expressions (regex) library contains a heap overflow vulnerability
daniel at pocock.pro
Sat Feb 14 14:59:25 UTC 2015
Thanks for reporting this. I'm not able to look at the issue this weekend.
Can you please let me know if it has been reported upstream or if you
have a moment could you file the report in the upstream bug tracker at
I don't believe the package is in stable, but it is in testing and backports
On 14/02/15 15:30, Luciano Bello wrote:
> Package: openrpt
> Severity: important
> Tags: security patch
> The security team received a report from the CERT Coordination Center that the
> Henry Spencer regular expressions (regex) library contains a heap overflow
> vulnerability. It looks like this package includes the affected code at that's
> the reason of this bug report.
> The patch is available here:
> Please, can you confirm if the binary packages are affected? Are stable and
> testing affected?
> More information, here:
> A CVE id has been requested already and the report will be updated with it
> Cheers, luciano
> pkg-xtuple-maintainers mailing list
> pkg-xtuple-maintainers at lists.alioth.debian.org
More information about the pkg-xtuple-maintainers