Hello community, here is the log from the commit of package pcre for openSUSE:Factory checked in at 2015-12-03 13:24:45 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/pcre (Old) and /work/SRC/openSUSE:Factory/.pcre.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "pcre" Changes: -------- --- /work/SRC/openSUSE:Factory/pcre/pcre.changes 2015-05-06 11:21:23.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.pcre.new/pcre.changes 2015-12-03 13:24:46.000000000 +0100 @@ -1,0 +2,10 @@ +Thu Nov 26 08:28:01 UTC 2015 - astieger@suse.com + +- pcre 8.38: + * CVE-2015-3217: Call Stack Overflow Vulnerability in match() + bsc#933878 + * Other fixes to assertions, crashes, buffer overflows and + performance issues found by fuzzer, affecting applications + accepting regular expression from untrusted sources + +------------------------------------------------------------------- Old: ---- pcre-8.37.tar.bz2 pcre-8.37.tar.bz2.sig New: ---- pcre-8.38.tar.bz2 pcre-8.38.tar.bz2.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pcre.spec ++++++ --- /var/tmp/diff_new_pack.tK2niS/_old 2015-12-03 13:24:48.000000000 +0100 +++ /var/tmp/diff_new_pack.tK2niS/_new 2015-12-03 13:24:48.000000000 +0100 @@ -17,7 +17,7 @@ Name: pcre -Version: 8.37 +Version: 8.38 Release: 0 Summary: A library for Perl-compatible regular expressions License: BSD-3-Clause ++++++ pcre-8.37.tar.bz2 -> pcre-8.38.tar.bz2 ++++++ ++++ 8108 lines of diff (skipped)