aboutsummaryrefslogtreecommitdiffstats
path: root/erl-build-tool-vars.sh
diff options
context:
space:
mode:
authorMichael Santos <[email protected]>2010-02-10 15:19:48 -0500
committerBjörn Gustavsson <[email protected]>2010-02-11 08:10:27 +0100
commitbb6370a20be07e6bd0c9f6e89a3cd9719dccbfd3 (patch)
tree6c51e88d2a9eef850cddafce82d80517971f568c /erl-build-tool-vars.sh
parent64a697339414f424073c5b021285fddb0ff2d9da (diff)
downloadotp-bb6370a20be07e6bd0c9f6e89a3cd9719dccbfd3.tar.gz
otp-bb6370a20be07e6bd0c9f6e89a3cd9719dccbfd3.tar.bz2
otp-bb6370a20be07e6bd0c9f6e89a3cd9719dccbfd3.zip
Fix CVE-2008-2371 (outer level option with alternatives caused crash).
The patch is from: http://vcs.pcre.org/viewvc?revision=360&view=revision Test case: re:compile(<<"(?i)[\xc3\xa9\xc3\xbd]|[\xc3\xa9\xc3\xbdA]">>, [unicode]). An option change at the start of a pattern that had top-level alternatives could cause overwriting and/or a crash. This potential security problem was recorded as CVE-2008-2371.
Diffstat (limited to 'erl-build-tool-vars.sh')
0 files changed, 0 insertions, 0 deletions