The most recent commit to pcre-ocaml added support for JIT-compilation of patterns; this results in an mmap'd region with PROT_WRITE | PROT_EXEC, which will raise concerns by, say, grsec. As we have no need for this feature, nor is it used by the pcre package other than a default initialization, we will pin to the commit preceding the last.
Description
Description
Details
Details
- Difficulty level
- Unknown (require assessment)
- Version
- vyos-1.4
- Why the issue appeared?
- Will be filled on close
- Is it a breaking change?
- Perfectly compatible
- Issue type
- Security vulnerability
Related Objects
Related Objects
- Mentioned In
- 1.3.3