DEBIAN-CVE-2015-2305

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2015-2305

Import Source

https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2015-2305.json

JSON Data

https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2015-2305

Published

2015-03-30T10:59:11Z

Modified

2025-09-20T18:03:44Z

Summary

[none]

Details

Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.

References

https://security-tracker.debian.org/tracker/CVE-2015-2305

Affected packages

Debian:11

clamav

Package

Name: clamav
Purl: pkg:deb/debian/clamav?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.98.7+dfsg-1

Ecosystem specific

{
    "urgency": "unimportant"
}

librcsb-core-wrapper

Package

Name: librcsb-core-wrapper
Purl: pkg:deb/debian/librcsb-core-wrapper?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.005-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

newlib

Package

Name: newlib
Purl: pkg:deb/debian/newlib?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.0.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

nvi

Package

Name: nvi
Purl: pkg:deb/debian/nvi?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.81.6-13

Ecosystem specific

{
    "urgency": "unimportant"
}

vigor

Package

Name: vigor
Purl: pkg:deb/debian/vigor?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.016-24

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12

clamav

Package

Name: clamav
Purl: pkg:deb/debian/clamav?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.98.7+dfsg-1

Ecosystem specific

{
    "urgency": "unimportant"
}

librcsb-core-wrapper

Package

Name: librcsb-core-wrapper
Purl: pkg:deb/debian/librcsb-core-wrapper?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.005-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

newlib

Package

Name: newlib
Purl: pkg:deb/debian/newlib?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.0.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

nvi

Package

Name: nvi
Purl: pkg:deb/debian/nvi?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.81.6-13

Ecosystem specific

{
    "urgency": "unimportant"
}

vigor

Package

Name: vigor
Purl: pkg:deb/debian/vigor?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.016-24

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13

clamav

Package

Name: clamav
Purl: pkg:deb/debian/clamav?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.98.7+dfsg-1

Ecosystem specific

{
    "urgency": "unimportant"
}

librcsb-core-wrapper

Package

Name: librcsb-core-wrapper
Purl: pkg:deb/debian/librcsb-core-wrapper?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.005-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

newlib

Package

Name: newlib
Purl: pkg:deb/debian/newlib?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.0.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

nvi

Package

Name: nvi
Purl: pkg:deb/debian/nvi?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.81.6-13

Ecosystem specific

{
    "urgency": "unimportant"
}

vigor

Package

Name: vigor
Purl: pkg:deb/debian/vigor?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.016-24

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:14

clamav

Package

Name: clamav
Purl: pkg:deb/debian/clamav?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.98.7+dfsg-1

Ecosystem specific

{
    "urgency": "unimportant"
}

librcsb-core-wrapper

Package

Name: librcsb-core-wrapper
Purl: pkg:deb/debian/librcsb-core-wrapper?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.005-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

newlib

Package

Name: newlib
Purl: pkg:deb/debian/newlib?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.0.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

vigor

Package

Name: vigor
Purl: pkg:deb/debian/vigor?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.016-24

Ecosystem specific

{
    "urgency": "unimportant"
}