USN-5627-2

See a problem?

Source

https://ubuntu.com/security/notices/USN-5627-2

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5627-2.json

JSON Data

https://api.osv.dev/v1/vulns/USN-5627-2

Related

Published

2022-09-22T13:45:24.449203Z

Modified

2022-09-22T13:45:24.449203Z

Summary

pcre2 vulnerabilities

Details

USN-5627-1 fixed several vulnerabilities in PCRE. This update provides the corresponding fixes for Ubuntu 18.04 ESM.

Original advisory details:

It was discovered that PCRE incorrectly handled memory when handling certain regular expressions. An attacker could possibly use this issue to cause applications using PCRE to expose sensitive information.

References

Affected packages

Ubuntu:Pro:18.04:LTS / pcre2

Package

Name: pcre2
Purl: pkg:deb/ubuntu/pcre2@10.31-2ubuntu0.1~esm1?arch=src?distro=esm-apps/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

10.31-2ubuntu0.1~esm1

Affected versions

10.*

10.22-3

10.22-4

10.22-5

10.22-6

10.31-2

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "libpcre2-32-0": "10.31-2ubuntu0.1~esm1",
            "libpcre2-dev": "10.31-2ubuntu0.1~esm1",
            "libpcre2-8-0": "10.31-2ubuntu0.1~esm1",
            "libpcre2-16-0": "10.31-2ubuntu0.1~esm1",
            "libpcre2-dbg": "10.31-2ubuntu0.1~esm1",
            "libpcre2-8-0-udeb": "10.31-2ubuntu0.1~esm1",
            "libpcre2-posix0": "10.31-2ubuntu0.1~esm1",
            "pcre2-utils": "10.31-2ubuntu0.1~esm1"
        }
    ]
}