Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2008.0670 -- [Win][UNIX/Linux][Debian]
New pcre3 packages fix arbitrary code execution
7 July 2008
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: pcre3
Publisher: Debian
Operating System: Debian GNU/Linux 4.0
UNIX variants (UNIX, Linux, OSX)
Windows
Impact: Execute Arbitrary Code/Commands
Access: Remote/Unauthenticated
CVE Names: CVE-2008-2371
Original Bulletin: http://www.debian.org/security/2008/dsa-1602
Comment: This advisory references vulnerabilities in products which run on
platforms other than Debian. It is recommended that administrators
running pcre3 check for an updated version of the software for
their operating system.
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - ------------------------------------------------------------------------
Debian Security Advisory DSA-1602-1 security@debian.org
http://www.debian.org/security/ Florian Weimer
July 05, 2008 http://www.debian.org/security/faq
- - ------------------------------------------------------------------------
Package : pcre3
Vulnerability : buffer overflow
Problem type : local (remote)
Debian-specific: no
CVE Id(s) : CVE-2008-2371
Tavis Ormandy discovered that PCRE, the Perl-Compatible Regular
Expression library, may encounter a heap overflow condition when
compiling certain regular expressions involving in-pattern options and
branches, potentially leading to arbitrary code execution.
For the stable distribution (etch), this problem has been fixed in
version 6.7+7.4-4.
For the unstable distribution (sid), this problem has been fixed soon.
We recommend that you upgrade your pcre3 packages.
Upgrade instructions
- - --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- - -------------------------------
Source archives:
http://security.debian.org/pool/updates/main/p/pcre3/pcre3_6.7+7.4-4.dsc
Size/MD5 checksum: 888 9ef88cd7ab592b3799211018f8d20f63
http://security.debian.org/pool/updates/main/p/pcre3/pcre3_6.7+7.4-4.diff.gz
Size/MD5 checksum: 83574 2d9686b5b3a5480aa528bd89cdea12a6
http://security.debian.org/pool/updates/main/p/pcre3/pcre3_6.7+7.4.orig.tar.gz
Size/MD5 checksum: 1106897 de886b22cddc8eaf620a421d3041ee0b
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-4_alpha.deb
Size/MD5 checksum: 21038 72545720bee988d70381cf56ac08ab3e
http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-4_alpha.deb
Size/MD5 checksum: 91302 039876d52014e88686119445734f6ec7
http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-4_alpha.deb
Size/MD5 checksum: 264154 19f60bc08e3f2a5d8ca305851f44ef55
http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-4_alpha.deb
Size/MD5 checksum: 209168 f19f07f81f4b9259c7b061faf7d9fc7c
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-4_amd64.deb
Size/MD5 checksum: 89984 c92634b92f00d7f41991d58d3ad690bc
http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-4_amd64.deb
Size/MD5 checksum: 198552 2760ab9ccf2cdf8b7fec89e4068feba7
http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-4_amd64.deb
Size/MD5 checksum: 250032 68f3c4360bc41358bb97f546bcb0e3ce
http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-4_amd64.deb
Size/MD5 checksum: 20150 9bed90914b31ea7f11810c3b99d5b5c6
arm architecture (ARM)
http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-4_arm.deb
Size/MD5 checksum: 88966 41f8ee2780754174274009055c952079
http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-4_arm.deb
Size/MD5 checksum: 19920 f10b8d7a5c6366136813af67d0a8b7ff
http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-4_arm.deb
Size/MD5 checksum: 243970 8becd101006adf3dfca88607c07d3086
http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-4_arm.deb
Size/MD5 checksum: 198322 b2c55ac5d7a2be62c5b5e8cb6d0c48f2
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-4_hppa.deb
Size/MD5 checksum: 92266 b9236279f24acead3acfed524d87d1bd
http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-4_hppa.deb
Size/MD5 checksum: 255722 f0a3084a3683ece8f0c10ffd937ef252
http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-4_hppa.deb
Size/MD5 checksum: 202446 5e552d19b502810cf640eb8c11776736
http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-4_hppa.deb
Size/MD5 checksum: 20726 aa317ebe8c30e18966b3786acc1398b9
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-4_i386.deb
Size/MD5 checksum: 89862 60a49383c76120d08e4d300564b659db
http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-4_i386.deb
Size/MD5 checksum: 246934 b20ff56ba4289860f1d09a75abfa3505
http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-4_i386.deb
Size/MD5 checksum: 19348 dcded2ff2a56d461e522ac11647ab4f2
http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-4_i386.deb
Size/MD5 checksum: 196894 30a9803ec2c737702228c88b121d1544
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-4_ia64.deb
Size/MD5 checksum: 230688 264ad5d5665e602b2f692b899fd0a5e9
http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-4_ia64.deb
Size/MD5 checksum: 25658 538af9aabca0427844e955f028c050e4
http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-4_ia64.deb
Size/MD5 checksum: 280674 e4d8e19abeed7202102e94597c4798e8
http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-4_ia64.deb
Size/MD5 checksum: 93858 c6cf88e6acf726bd4179658e0f2bbe9e
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-4_mips.deb
Size/MD5 checksum: 198430 ac574108ba4f6ae4b70179b7d6b5d7c9
http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-4_mips.deb
Size/MD5 checksum: 253526 77b402e25c797abf1f7557e106326667
http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-4_mips.deb
Size/MD5 checksum: 90538 e1671c5b76cca0256a8d41b8f9e419e3
http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-4_mips.deb
Size/MD5 checksum: 20424 766ce624fa24e42d04b53511e1cbed21
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-4_mipsel.deb
Size/MD5 checksum: 90520 2dc1625becce40f479e50fdcf075571b
http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-4_mipsel.deb
Size/MD5 checksum: 252396 52692425252b9c4263fb2899918d0966
http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-4_mipsel.deb
Size/MD5 checksum: 197616 f228905aa01a3ae35801dc9b9b12c0ef
http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-4_mipsel.deb
Size/MD5 checksum: 20454 e991967c20b95fe40b0f45acd9eafa1d
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-4_powerpc.deb
Size/MD5 checksum: 197676 2debc2e40a4b17f562f82e5304ce8f4a
http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-4_powerpc.deb
Size/MD5 checksum: 253048 e442f8398410b41db288e77c36b4cd5f
http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-4_powerpc.deb
Size/MD5 checksum: 92152 bd22696efa2ad001a602c73d614f046c
http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-4_powerpc.deb
Size/MD5 checksum: 21270 88d9a6a11ccb43ad9d7e2f6418875619
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-4_s390.deb
Size/MD5 checksum: 200044 6476b48137e32a76c3c85b09a901c0bc
http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-4_s390.deb
Size/MD5 checksum: 90586 de5f46464693e513d4045c0e037585ab
http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-4_s390.deb
Size/MD5 checksum: 20108 cdd1618521e5e64d04e5e26a49803b4f
http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-4_s390.deb
Size/MD5 checksum: 248498 4de3715c9a55f4aa0ba33fcde49ee7cd
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/p/pcre3/libpcre3_6.7+7.4-4_sparc.deb
Size/MD5 checksum: 197656 06f3298311fba7fb8bb4a072372c79b4
http://security.debian.org/pool/updates/main/p/pcre3/pcregrep_6.7+7.4-4_sparc.deb
Size/MD5 checksum: 19420 a4c54f7f457816b8e1f087055e959e23
http://security.debian.org/pool/updates/main/p/pcre3/libpcre3-dev_6.7+7.4-4_sparc.deb
Size/MD5 checksum: 247278 7c41012b79be5869fcf03f6c71be98b0
http://security.debian.org/pool/updates/main/p/pcre3/libpcrecpp0_6.7+7.4-4_sparc.deb
Size/MD5 checksum: 88798 5905a7ee0d9a17c564ef929655fd8cd7
These files will probably be moved into the stable distribution on
its next update.
- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBSG9qy797/wQC1SS+AQLgTAf/YR4rAg05rv0thz4uNk7G5kXEX1lvYB21
ZqCENxEqQGSQIu9Zm3ciyUwtzqeVljzb2crPN5uZmLtQvxYCjQtsHYINc0tEyNhD
vsnBKn1Qb8uN+mgMNRnhWE59cwGJJB9r+f6ni366lsJYORcuGwRsy5zH/wA1DWGt
oTun+1d/0CQU6yGGnqrIuHKrCO8XYPAShAyJUdXyuh/L2jpwCOjIB3x9j1AoDk5C
8z6ZssI1BtOy3SdPxALlJpNP7gi54DrvBnskieJKVxcZv7xe7p7GP8IJI3oK7zNe
I8Ne8xxYrhGtonZEM9txhfuxHucw1LLsNMqTJturHxA+GTf4y9pnJw==
=ifkq
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBSHFjjSh9+71yA2DNAQITRAP/Xubyw1VMSp+GoN53Xxethlv0Mf5Ii3mb
FknMWMMEcrGhBCr4Vw/q7pwA2CZim0nlV3TyTp4jso65o4YRMwJuGu47PmbgMBvJ
eyPGA+OIZZwk2x/mart03bgM3crdhCkN8XmcVgNefOtSR4IzamsB+4ImwoMWxlYu
lZOFJbIeBQc=
=hpF6
-----END PGP SIGNATURE-----