A vulnerability in PCRE2 could lead to a Denial of Service condition.
|Package||net-libs/pcre2 on all architectures|
|Affected versions||< 10.34|
|Unaffected versions||>= 10.34|
PCRE2 is a project based on PCRE (Perl Compatible Regular Expressions) which has a new and revised API.
PCRE2 has a flaw when handling JIT-compiled regex using the \X pattern.
An attacker could cause a possible Denial of Service condition.
There is no known workaround at this time.
All PCRE2 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/pcre2-10.34"
June 15, 2020
June 15, 2020: 1