[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openembedded-core
Subject:    Re: [OE-core] [kirkstone][PATCH v2] libpcre2: upgrade 10.39 -> 10.40
From:       "Marta Rybczynska" <rybczynska () gmail ! com>
Date:       2022-05-31 8:51:04
Message-ID: CAApg2=Rw9xTR+gDrznVbFq+urypKb6ZhXgjgmiQujchoEo5kSQ () mail ! gmail ! com
[Download RAW message or body]

On Tue, May 31, 2022 at 10:29 AM Davide Gardenal
<davidegarde2000@gmail.com> wrote:
>
> After a bit of research I found out that the commit that fixes CVE-2022-1=
587 (https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67=
dfcadda6b42c9d0) is not directly applicable to .39, it needs a compiler upd=
ate (https://github.com/PCRE2Project/pcre2/commit/dea56d2df94546c23021a42d9=
395f2333589f01e), this is a very substantial update. Looking at Fedora and =
Debian they updated the .40 too.
>

I've have had a look at the JIT update, the commit list for .40. The
JIT update contains something that looks like fixes around types and
their sizes, among other things. Because of that I would suggest to
bump the version here to stay on the safe side.

Regards,
Marta


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#166307): https://lists.openembedded.org/g/openembedded-core/message/166307
Mute This Topic: https://lists.openembedded.org/mt/91447368/4454766
Group Owner: openembedded-core+owner@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [openembedded-core@marc.info]
-=-=-=-=-=-=-=-=-=-=-=-



[prev in list] [next in list] [prev in thread] [next in thread]