Fedora Linux 8781 Published by

A mingw-pcre2 security update has been released for Fedora 35.



SECURITY: Fedora 35 Update: mingw-pcre2-10.40-1.fc35


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-19f4c34184
2022-05-30 05:33:51.174063
--------------------------------------------------------------------------------

Name : mingw-pcre2
Product : Fedora 35
Version : 10.40
Release : 1.fc35
URL :   http://www.pcre.org/
Summary : MinGW Windows pcre2 library
Description :
Cross compiled Perl-compatible regular expression library for use with mingw32.

PCRE has its own native API, but a set of "wrapper" functions that are based on
the POSIX API are also supplied in the library libpcreposix. Note that this
just provides a POSIX calling interface to PCRE: the regular expressions
themselves still follow Perl syntax and semantics. The header file
for the POSIX-style functions is called pcreposix.h.

--------------------------------------------------------------------------------
Update Information:

Update to pcre2-10.40, see
  https://github.com/PCRE2Project/pcre2/blob/pcre2-10.40/NEWS for details.
--------------------------------------------------------------------------------
ChangeLog:

* Sun May 1 2022 Sandro Mani - 10.40-1
- Update to 10.40
* Fri Mar 25 2022 Sandro Mani - 10.39-3
- Rebuild with mingw-gcc-12
* Thu Jan 20 2022 Fedora Release Engineering - 10.39-2
- Rebuilt for   https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Fri Nov 5 2021 Sandro Mani - 10.39-1
- Update to 10.39
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2081957 - CVE-2022-1586 mingw-pcre2: pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c [fedora-all]
  https://bugzilla.redhat.com/show_bug.cgi?id=2081957
[ 2 ] Bug #2081976 - CVE-2022-1587 mingw-pcre2: pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c [fedora-all]
  https://bugzilla.redhat.com/show_bug.cgi?id=2081976
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-19f4c34184' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________