Bug 45216 - erlang: PCRE (4.2)
erlang: PCRE (4.2)
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 4.2
Other Linux
: P5 normal (vote)
: UCS 4.2-1-errata
Assigned To: Philipp Hahn
Erik Damrose
Depends on:
  Show dependency treegraph
Reported: 2017-08-17 11:49 CEST by Philipp Hahn
Modified: 2017-08-30 16:29 CEST (History)
0 users

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:
hahn: Patch_Available+


Note You need to log in before you can comment on or make changes to this bug.
Description Philipp Hahn univentionstaff 2017-08-17 11:49:36 CEST
CVE-2016-10253: Fix heap overflow while compiling certain regular expressions

in triggers/ucs_4.2-0.txt for # PLUCS App
Comment 1 Philipp Hahn univentionstaff 2017-08-17 11:51:30 CEST
r82353 | Bug #45216: erlang.yaml
Comment 2 Philipp Hahn univentionstaff 2017-08-17 12:35:56 CEST
FIXED: Missing dependencies:
 libwxbase3.0-0 (>= 3.0.2)
 libwxgtk3.0-0 (>= 3.0.2)
r82355 | Bug #45216: erlang.yaml dependencies

 erlang Depends erlang-wc Depends libwxgtk3.0-0 Depends libnotify4 Recommends notification-daemon Provided-By plasma-widgets-workspace
will pull in greats parts of KDE4, if r/o/unmaintained=yes, so be careful when you install the full Erlang/OTP runtime! Consider "--no-install-recommends" or use "erlang-base"
Comment 3 Erik Damrose univentionstaff 2017-08-28 17:50:11 CEST
r82507 Added explicit maintained flag

OK: CVE-2016-10253; erlang 1:17.3-dfsg-4+deb8u1
OK: Installation/update of erlang, erlang-base 
OK: Yaml erlang.yaml, jquery-goodies.yaml, wxwidgets3.0.yaml