diff options
Diffstat (limited to 'debian/patches/CVE-2017-6004.patch')
-rw-r--r-- | debian/patches/CVE-2017-6004.patch | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/debian/patches/CVE-2017-6004.patch b/debian/patches/CVE-2017-6004.patch new file mode 100644 index 0000000..afec3f8 --- /dev/null +++ b/debian/patches/CVE-2017-6004.patch @@ -0,0 +1,19 @@ +Description: CVE-2017-6004: crafted regular expression may cause denial of service +Origin: upstream, https://vcs.pcre.org/pcre/code/trunk/pcre_jit_compile.c?r1=1676&r2=1680&view=patch +Bug: https://bugs.exim.org/show_bug.cgi?id=2035 +Bug-Debian: https://bugs.debian.org/855405 +Forwarded: not-needed +Author: Salvatore Bonaccorso <carnil@debian.org> +Last-Update: 2017-02-17 + +--- a/pcre_jit_compile.c ++++ b/pcre_jit_compile.c +@@ -8111,7 +8111,7 @@ if (opcode == OP_COND || opcode == OP_SC + + if (*matchingpath == OP_FAIL) + stacksize = 0; +- if (*matchingpath == OP_RREF) ++ else if (*matchingpath == OP_RREF) + { + stacksize = GET2(matchingpath, 1); + if (common->currententry == NULL) |