... darkrealms ...

Forums before death by AOL, social media and spammers... "We can't have nice things"

linux.debian.bugs.dist

Ohh some weird Debian bug report thing

28,835 messages

[ << oldest | < older | list | newer > | newest >> ]

Message 28,582 of 28,835

Salvatore Bonaccorso to All

Bug#1128782: re2c: CVE-2026-2903

22 Feb 26 19:40:01

   From: carnil@debian.org   
      
   Source: re2c   
   Version: 4.4-1   
   Severity: important   
   Tags: security upstream   
   Forwarded: https://github.com/skvadrik/re2c/issues/571   
   X-Debbugs-Cc: carnil@debian.org, Debian Security Team    
      
   Hi,   
      
   The following vulnerability was published for re2c.   
      
   CVE-2026-2903[0]:   
   | A flaw has been found in skvadrik re2c up to 4.4. Impacted is the   
   | function check_and_merge_special_rules of the file src/parse/ast.cc.   
   | This manipulation causes null pointer dereference. The attack can   
   | only be executed locally. The exploit has been published and may be   
   | used. Patch name: febeb977936f9519a25d9fbd10ff8256358cdb97. It is   
   | suggested to install a patch to address this issue.   
      
      
   If you fix the vulnerability please also make sure to include the   
   CVE (Common Vulnerabilities & Exposures) id in your changelog entry.   
      
   For further information see:   
      
   [0] https://security-tracker.debian.org/tracker/CVE-2026-2903   
       https://www.cve.org/CVERecord?id=CVE-2026-2903   
   [1] https://github.com/skvadrik/re2c/issues/571   
   [2] https://github.com/skvadrik/re2c/commit/febeb977936f9519a25d   
   fbd10ff8256358cdb97   
      
   Regards,   
   Salvatore   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)

[ << oldest | < older | list | newer > | newest >> ]