summaryrefslogtreecommitdiff
path: root/debian/patches/CVE-2017-6004.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/CVE-2017-6004.patch')
-rw-r--r--debian/patches/CVE-2017-6004.patch19
1 files changed, 19 insertions, 0 deletions
diff --git a/debian/patches/CVE-2017-6004.patch b/debian/patches/CVE-2017-6004.patch
new file mode 100644
index 0000000..afec3f8
--- /dev/null
+++ b/debian/patches/CVE-2017-6004.patch
@@ -0,0 +1,19 @@
+Description: CVE-2017-6004: crafted regular expression may cause denial of service
+Origin: upstream, https://vcs.pcre.org/pcre/code/trunk/pcre_jit_compile.c?r1=1676&r2=1680&view=patch
+Bug: https://bugs.exim.org/show_bug.cgi?id=2035
+Bug-Debian: https://bugs.debian.org/855405
+Forwarded: not-needed
+Author: Salvatore Bonaccorso <carnil@debian.org>
+Last-Update: 2017-02-17
+
+--- a/pcre_jit_compile.c
++++ b/pcre_jit_compile.c
+@@ -8111,7 +8111,7 @@ if (opcode == OP_COND || opcode == OP_SC
+
+ if (*matchingpath == OP_FAIL)
+ stacksize = 0;
+- if (*matchingpath == OP_RREF)
++ else if (*matchingpath == OP_RREF)
+ {
+ stacksize = GET2(matchingpath, 1);
+ if (common->currententry == NULL)
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-25 16:37:59 +0000