USN-5627-1

It was discovered that PCRE incorrectly handled memory when handling certain regular expressions. An attacker could possibly use this issue to cause applications using PCRE to expose sensitive information.

References

Affected packages

Ubuntu:20.04:LTS / pcre2

Package

Name: pcre2
Purl: pkg:deb/ubuntu/pcre2@10.34-7ubuntu0.1?arch=source&distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

10.34-7ubuntu0.1

Affected versions

10.*

10.32-5

10.34-7

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "libpcre2-16-0",
            "binary_version": "10.34-7ubuntu0.1"
        },
        {
            "binary_name": "libpcre2-16-0-dbgsym",
            "binary_version": "10.34-7ubuntu0.1"
        },
        {
            "binary_name": "libpcre2-32-0",
            "binary_version": "10.34-7ubuntu0.1"
        },
        {
            "binary_name": "libpcre2-32-0-dbgsym",
            "binary_version": "10.34-7ubuntu0.1"
        },
        {
            "binary_name": "libpcre2-8-0",
            "binary_version": "10.34-7ubuntu0.1"
        },
        {
            "binary_name": "libpcre2-8-0-dbgsym",
            "binary_version": "10.34-7ubuntu0.1"
        },
        {
            "binary_name": "libpcre2-8-0-udeb",
            "binary_version": "10.34-7ubuntu0.1"
        },
        {
            "binary_name": "libpcre2-dev",
            "binary_version": "10.34-7ubuntu0.1"
        },
        {
            "binary_name": "libpcre2-posix2",
            "binary_version": "10.34-7ubuntu0.1"
        },
        {
            "binary_name": "libpcre2-posix2-dbgsym",
            "binary_version": "10.34-7ubuntu0.1"
        },
        {
            "binary_name": "pcre2-utils",
            "binary_version": "10.34-7ubuntu0.1"
        },
        {
            "binary_name": "pcre2-utils-dbgsym",
            "binary_version": "10.34-7ubuntu0.1"
        }
    ],
    "availability": "No subscription required"
}

Ubuntu:22.04:LTS / pcre2

Package

Name: pcre2
Purl: pkg:deb/ubuntu/pcre2@10.39-3ubuntu0.1?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

10.39-3ubuntu0.1

Affected versions

10.*

10.37-0ubuntu2

10.39-3

10.39-3build1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "libpcre2-16-0",
            "binary_version": "10.39-3ubuntu0.1"
        },
        {
            "binary_name": "libpcre2-16-0-dbgsym",
            "binary_version": "10.39-3ubuntu0.1"
        },
        {
            "binary_name": "libpcre2-32-0",
            "binary_version": "10.39-3ubuntu0.1"
        },
        {
            "binary_name": "libpcre2-32-0-dbgsym",
            "binary_version": "10.39-3ubuntu0.1"
        },
        {
            "binary_name": "libpcre2-8-0",
            "binary_version": "10.39-3ubuntu0.1"
        },
        {
            "binary_name": "libpcre2-8-0-dbgsym",
            "binary_version": "10.39-3ubuntu0.1"
        },
        {
            "binary_name": "libpcre2-dev",
            "binary_version": "10.39-3ubuntu0.1"
        },
        {
            "binary_name": "libpcre2-posix3",
            "binary_version": "10.39-3ubuntu0.1"
        },
        {
            "binary_name": "libpcre2-posix3-dbgsym",
            "binary_version": "10.39-3ubuntu0.1"
        },
        {
            "binary_name": "pcre2-utils",
            "binary_version": "10.39-3ubuntu0.1"
        },
        {
            "binary_name": "pcre2-utils-dbgsym",
            "binary_version": "10.39-3ubuntu0.1"
        }
    ],
    "availability": "No subscription required"
}