Submitted by KeesCook on Tue, 2005-08-23 12:03
Referenced CVEs:
CAN-2005-2491
Description:
===========================================================
Ubuntu Security Notice USN-173-1 August 23, 2005
pcre3 vulnerability
CAN-2005-2491
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)
The following packages are affected:
libpcre3
The problem can be corrected by upgrading the affected package to
version 4.5-1.1ubuntu0.4.10 (for Ubuntu 4.10), or 4.5-1.1ubuntu0.5.04
(for Ubuntu 5.04).
A standard system upgrade is NOT SUFFICIENT to effect the necessary
changes! If you can afford to reboot your machine, this is the easiest
way to ensure that all services using this library are restarted
correctly. If not, please manually restart all server processes (exim,
Apache, PHP, etc.). It is advised to also restart your desktop
session.
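
One way to find the processes that still need a restart after the upgrade, given here as an added example that is not part of the original notice. It assumes a Linux /proc filesystem and that the shared object's file name begins with libpcre.so (pass a different pattern as the second argument if not). The sample process tree is constructed.

```shell
#!/bin/sh
# Added example: list processes still mapping the replaced (unlinked) libpcre.
# After the package upgrade the old file is unlinked, so any process that
# loaded it earlier shows the mapping with a " (deleted)" suffix in its maps.

# stale_pcre_pids [PROC_ROOT] [LIB_PATTERN]
# Prints "PID NAME" for each process that maps a deleted copy of the library.
# LIB_PATTERN defaults to "libpcre.so" (assumed file name prefix).
stale_pcre_pids() {
    root=${1:-/proc}
    pattern=${2:-libpcre.so}
    for maps in "$root"/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        if grep -q "/${pattern}[^ ]* (deleted)\$" "$maps" 2>/dev/null; then
            dir=${maps%/maps}
            pid=${dir##*/}
            # Process name from the status file; '?' if it cannot be read.
            name=$(sed -n 's/^Name:[[:space:]]*//p' "$dir/status" 2>/dev/null) || name='?'
            [ -n "$name" ] || name='?'
            echo "$pid $name"
        fi
    done
}

# Build a constructed /proc-like tree for demonstration:
# PID 101 still maps the old, deleted library; PID 202 maps the new one.
make_sample_proc() {
    d=$(mktemp -d)
    mkdir "$d/101" "$d/202"
    printf 'Name:\tapache2\n' > "$d/101/status"
    printf 'Name:\texim4\n' > "$d/202/status"
    echo 'b7e00000-b7e10000 r-xp 00000000 03:01 4711 /usr/lib/libpcre.so.3 (deleted)' > "$d/101/maps"
    echo 'b7e00000-b7e10000 r-xp 00000000 03:01 4812 /usr/lib/libpcre.so.3' > "$d/202/maps"
    echo "$d"
}

# Demonstration on the constructed tree; prints "101 apache2".
sample=$(make_sample_proc)
stale_pcre_pids "$sample"
rm -rf "$sample"
```

Run `stale_pcre_pids` with no arguments as root to scan the live system; an empty result means no running process still holds the old library.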
Details follow:
A buffer overflow has been discovered in PCRE, a widely used
library that provides Perl-compatible regular expressions. Specially
crafted regular expressions trigger the overflow. On systems
that accept arbitrary regular expressions from untrusted users, this
could be exploited to execute arbitrary code with the privileges of
the application using the library.


