MDKSA-2005:153
- Package name
- gnumeric
- Date
- 2005-08-26
- Advisory ID
- MDKSA-2005:153
- Affected versions
- 10.2 x86_64 , 10.2 i586 , 10.1 i586 , CS3.0 x86_64 , CS3.0 i586 , 10.1 x86_64
Problem description
Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow. The gnumeric packages use a private copy of pcre code. The updated packages have been patched to correct this problem.
Updated packages
10.2 x86_64
ebf2b9f3573524f8a956f6697f08efc9 x86_64/10.2/RPMS/gnumeric-1.4.2-1.1.102mdk.x86_64.rpm de0c185642dea43227c2bd8d04b05c19 x86_64/10.2/SRPMS/gnumeric-1.4.2-1.1.102mdk.src.rpm
10.2 i586
9ce2fee0efdaac36d6f84374da737f61 10.2/RPMS/gnumeric-1.4.2-1.1.102mdk.i586.rpm de0c185642dea43227c2bd8d04b05c19 10.2/SRPMS/gnumeric-1.4.2-1.1.102mdk.src.rpm
10.1 i586
0886c3abe93a6f99e9c388a2057678e2 10.1/RPMS/gnumeric-1.2.13-3.1.101mdk.i586.rpm 1f4b803c3a19763710cfb56b141fe4d2 10.1/SRPMS/gnumeric-1.2.13-3.1.101mdk.src.rpm
CS3.0 x86_64
58aedcd44337210db29fa0ee7123f7e0 x86_64/corporate/3.0/RPMS/gnumeric-1.2.6-1.1.C30mdk.x86_64.rpm b296c5410c6bc28c2e5774d5024d3e43 x86_64/corporate/3.0/SRPMS/gnumeric-1.2.6-1.1.C30mdk.src.rpm
CS3.0 i586
3510cf943ed010540a3659d23627f912 corporate/3.0/RPMS/gnumeric-1.2.6-1.1.C30mdk.i586.rpm b296c5410c6bc28c2e5774d5024d3e43 corporate/3.0/SRPMS/gnumeric-1.2.6-1.1.C30mdk.src.rpm
10.1 x86_64
e6371dd0e84c22a47d2be3146f6efe1e x86_64/10.1/RPMS/gnumeric-1.2.13-3.1.101mdk.x86_64.rpm 1f4b803c3a19763710cfb56b141fe4d2 x86_64/10.1/SRPMS/gnumeric-1.2.13-3.1.101mdk.src.rpm