USN-624-2: Erlang vulnerability
Referenced CVEs:
CVE-2008-2371
Description:
===========================================================
Ubuntu Security Notice USN-624-2 April 09, 2010
erlang vulnerability
CVE-2008-2371
===========================================================
Ubuntu Security Notice USN-624-2 April 09, 2010
erlang vulnerability
CVE-2008-2371
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 9.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 9.10:
erlang-base 1:13.b.1-dfsg-2ubuntu1.1
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
USN-624-1 fixed a vulnerability in PCRE. This update provides the
corresponding update for Erlang.
Original advisory details:
Tavis Ormandy discovered that the PCRE library did not correctly handle
certain in-pattern options. An attacker could cause applications linked
against pcre3 to crash, leading to a denial of service.
