diff mbox series

pcre2: Update to version 10.46

Message ID 20250902073044.1675-4-adolf.belka@ipfire.org
State Staged
Commit 5c924fdccb6cceacaf536d4710dd989c829a689f
Headers
Series pcre2: Update to version 10.46 |

Commit Message

Adolf Belka 2 Sep 2025, 7:30 a.m. UTC 
- Update from version 10.45 to 10.46
- Update of rootfile
- Changelog
    10.46
	This is a security-only release, to address CVE-2025-58050.
	Compared to 10.45, this release has only a minimal code change to prevent a
	 read-past-the-end memory error, of arbitrary length. An attacker-controlled
	 regex pattern is required, and it cannot be triggered by providing crafted
	 subject (match) text. The (*ACCEPT) and (*scs:) pattern features must be used
	 together.
	Release 10.44 and earlier are not affected.
	This could have implications of denial-of-service or information disclosure,
	 and could potentially be used to escalate other vulnerabilities in a system
	 (such as information disclosure being used to escalate the severity of an
	 unrelated bug in another system).

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
 config/rootfiles/common/pcre2 | 230 +++++++++++++++++-----------------
 lfs/pcre2                     |   4 +-
 2 files changed, 117 insertions(+), 117 deletions(-)
diff mbox series

Patch

diff --git a/config/rootfiles/common/pcre2 b/config/rootfiles/common/pcre2
index fc7ffed4e..c80d7453b 100644
--- a/config/rootfiles/common/pcre2
+++ b/config/rootfiles/common/pcre2
@@ -23,121 +23,121 @@  usr/lib/libpcre2-posix.so.3.0.6
 #usr/lib/pkgconfig/libpcre2-32.pc
 #usr/lib/pkgconfig/libpcre2-8.pc
 #usr/lib/pkgconfig/libpcre2-posix.pc
-#usr/share/doc/pcre-pcre2-10.45
-#usr/share/doc/pcre-pcre2-10.45/AUTHORS.md
-#usr/share/doc/pcre-pcre2-10.45/COPYING
-#usr/share/doc/pcre-pcre2-10.45/ChangeLog
-#usr/share/doc/pcre-pcre2-10.45/LICENCE.md
-#usr/share/doc/pcre-pcre2-10.45/NEWS
-#usr/share/doc/pcre-pcre2-10.45/README
-#usr/share/doc/pcre-pcre2-10.45/SECURITY.md
-#usr/share/doc/pcre-pcre2-10.45/html
-#usr/share/doc/pcre-pcre2-10.45/html/NON-AUTOTOOLS-BUILD.txt
-#usr/share/doc/pcre-pcre2-10.45/html/README.txt
-#usr/share/doc/pcre-pcre2-10.45/html/index.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2-config.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_callout_enumerate.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_code_copy.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_code_copy_with_tables.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_code_free.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_compile.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_compile_context_copy.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_compile_context_create.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_compile_context_free.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_config.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_convert_context_copy.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_convert_context_create.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_convert_context_free.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_converted_pattern_free.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_dfa_match.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_general_context_copy.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_general_context_create.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_general_context_free.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_get_error_message.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_get_mark.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_get_match_data_heapframes_size.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_get_match_data_size.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_get_ovector_count.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_get_ovector_pointer.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_get_startchar.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_jit_compile.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_jit_free_unused_memory.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_jit_match.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_jit_stack_assign.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_jit_stack_create.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_jit_stack_free.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_maketables.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_maketables_free.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_match.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_match_context_copy.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_match_context_create.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_match_context_free.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_match_data_create.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_match_data_create_from_pattern.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_match_data_free.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_pattern_convert.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_pattern_info.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_serialize_decode.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_serialize_encode.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_serialize_free.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_serialize_get_number_of_codes.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_set_bsr.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_set_callout.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_set_character_tables.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_set_compile_extra_options.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_set_compile_recursion_guard.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_set_depth_limit.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_set_glob_escape.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_set_glob_separator.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_set_heap_limit.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_set_match_limit.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_set_max_pattern_compiled_length.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_set_max_pattern_length.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_set_max_varlookbehind.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_set_newline.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_set_offset_limit.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_set_optimize.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_set_parens_nest_limit.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_set_recursion_limit.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_set_recursion_memory_management.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_set_substitute_callout.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_set_substitute_case_callout.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_substitute.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_substring_copy_byname.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_substring_copy_bynumber.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_substring_free.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_substring_get_byname.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_substring_get_bynumber.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_substring_length_byname.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_substring_length_bynumber.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_substring_list_free.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_substring_list_get.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_substring_nametable_scan.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2_substring_number_from_name.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2api.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2build.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2callout.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2compat.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2convert.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2demo.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2grep.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2jit.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2limits.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2matching.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2partial.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2pattern.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2perform.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2posix.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2sample.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2serialize.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2syntax.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2test.html
-#usr/share/doc/pcre-pcre2-10.45/html/pcre2unicode.html
-#usr/share/doc/pcre-pcre2-10.45/pcre2-config.txt
-#usr/share/doc/pcre-pcre2-10.45/pcre2.txt
-#usr/share/doc/pcre-pcre2-10.45/pcre2grep.txt
-#usr/share/doc/pcre-pcre2-10.45/pcre2test.txt
+#usr/share/doc/pcre-pcre2-10.46
+#usr/share/doc/pcre-pcre2-10.46/AUTHORS.md
+#usr/share/doc/pcre-pcre2-10.46/COPYING
+#usr/share/doc/pcre-pcre2-10.46/ChangeLog
+#usr/share/doc/pcre-pcre2-10.46/LICENCE.md
+#usr/share/doc/pcre-pcre2-10.46/NEWS
+#usr/share/doc/pcre-pcre2-10.46/README
+#usr/share/doc/pcre-pcre2-10.46/SECURITY.md
+#usr/share/doc/pcre-pcre2-10.46/html
+#usr/share/doc/pcre-pcre2-10.46/html/NON-AUTOTOOLS-BUILD.txt
+#usr/share/doc/pcre-pcre2-10.46/html/README.txt
+#usr/share/doc/pcre-pcre2-10.46/html/index.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2-config.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_callout_enumerate.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_code_copy.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_code_copy_with_tables.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_code_free.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_compile.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_compile_context_copy.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_compile_context_create.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_compile_context_free.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_config.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_convert_context_copy.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_convert_context_create.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_convert_context_free.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_converted_pattern_free.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_dfa_match.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_general_context_copy.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_general_context_create.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_general_context_free.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_get_error_message.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_get_mark.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_get_match_data_heapframes_size.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_get_match_data_size.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_get_ovector_count.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_get_ovector_pointer.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_get_startchar.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_jit_compile.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_jit_free_unused_memory.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_jit_match.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_jit_stack_assign.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_jit_stack_create.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_jit_stack_free.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_maketables.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_maketables_free.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_match.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_match_context_copy.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_match_context_create.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_match_context_free.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_match_data_create.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_match_data_create_from_pattern.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_match_data_free.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_pattern_convert.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_pattern_info.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_serialize_decode.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_serialize_encode.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_serialize_free.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_serialize_get_number_of_codes.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_set_bsr.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_set_callout.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_set_character_tables.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_set_compile_extra_options.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_set_compile_recursion_guard.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_set_depth_limit.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_set_glob_escape.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_set_glob_separator.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_set_heap_limit.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_set_match_limit.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_set_max_pattern_compiled_length.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_set_max_pattern_length.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_set_max_varlookbehind.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_set_newline.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_set_offset_limit.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_set_optimize.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_set_parens_nest_limit.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_set_recursion_limit.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_set_recursion_memory_management.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_set_substitute_callout.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_set_substitute_case_callout.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_substitute.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_substring_copy_byname.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_substring_copy_bynumber.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_substring_free.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_substring_get_byname.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_substring_get_bynumber.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_substring_length_byname.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_substring_length_bynumber.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_substring_list_free.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_substring_list_get.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_substring_nametable_scan.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2_substring_number_from_name.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2api.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2build.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2callout.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2compat.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2convert.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2demo.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2grep.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2jit.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2limits.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2matching.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2partial.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2pattern.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2perform.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2posix.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2sample.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2serialize.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2syntax.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2test.html
+#usr/share/doc/pcre-pcre2-10.46/html/pcre2unicode.html
+#usr/share/doc/pcre-pcre2-10.46/pcre2-config.txt
+#usr/share/doc/pcre-pcre2-10.46/pcre2.txt
+#usr/share/doc/pcre-pcre2-10.46/pcre2grep.txt
+#usr/share/doc/pcre-pcre2-10.46/pcre2test.txt
 #usr/share/man/man1/pcre2-config.1
 #usr/share/man/man1/pcre2grep.1
 #usr/share/man/man1/pcre2test.1
diff --git a/lfs/pcre2 b/lfs/pcre2
index 34b71b393..900545323 100644
--- a/lfs/pcre2
+++ b/lfs/pcre2
@@ -24,7 +24,7 @@ 
 
 include Config
 
-VER        = 10.45
+VER        = 10.46
 
 THISAPP    = pcre2-$(VER)
 DL_FILE    = $(THISAPP).tar.bz2
@@ -54,7 +54,7 @@  objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = ec8a76cb28ef6680f8655828462551baf4e48019ff01e40bda2732b43b849bd69f8321238d7fa8f6b650ec88f7229a72928ad95d57423643f995d95264f5a4db
+$(DL_FILE)_BLAKE2 = ebd501ba2105c847bb830c932bbfafef2e14583743f62b46af7671aa801eff0ca8b1ed9ce8252f9b091f18ef6e5ef38d47777f657d3ba3813be3d94856558080
 
 install : $(TARGET)