oss-sec mailing list archives
Re: CVE Request: IrRegular Expressions resource exhaustion in regex compilation [was: Re: [oss-security] CVE Request: resource exhaustion in regex expression handling in WebKit]
From: <cve-assign () mitre org>
Date: Thu, 15 Dec 2016 12:42:05 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Compiling the above regex also causes excessive resource consumption in the portable Irregex (IrRegular Expressions) Scheme package, which can be found at http://synthcode.com/scheme/irregex/
Use CVE-2016-9954. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJYUtTtAAoJEHb/MwWLVhi2T9MP/RGyNWSuhs4FoFjAuofBzG0v oFn5+4gQlR1DMi8zJ61w6CYWUeTLkxkD4WNORaSJ9gpIp5Qbk2yPN9jAJ6vDd1Q+ FmVr2Jn7QiDXokJeUCfbEr5WT6MwbUhi5j3MejQr9UC3ufMexz1b/gHcoNb9C4T7 s2KURQgu8k0Rur8a0Sjim0ZX5DeiLA8Hd3hNRKb5KRCAE7uBFqbw8lHdQwUApIZJ 16JeGI7xtmbms1I9iwMM9vZvbtHp71NM20NUxb/kk3CM13mHuhWov5PaPQ5INdny tOR240tekYbESJFfnaZ1U5obDQqaETWq3C9zXaEbRB/lG6HsBDkBjOvLHqsCTKsr DiRL4z4xkX/Ko08QDPhiirLKy04w7qCMXf0IncqjutMBPZEKowrb9wuNdsJF4h8p M66PTlmWwPAVL2HyEJyWCwxMmw96oDgQUoP8Ktc9KqwpqxjTAQz8cr+uEa/ld+SC ttujAe89KYQXtMJmXTrMqP0ufNJW+PpIY67e4cqnM0ebDPzEMtSwxTCo+38DGR3M 337DGOc6Q0EPcwJNAvt6BjSgy/dMvHE36BRHf2GW2rM2dvQPpecidmKcK4sW/Ef2 Er8WTqni+BQ/Xxb1/jngHUwzBxzor+9CcBoJrNiIFw+OA/aRQWJf2FBmrBYIp4Aj A40+HIGh8NSxhfIGG/Xm =kqkA -----END PGP SIGNATURE-----
Current thread:
- CVE Request: resource exhaustion in regex expression handling in WebKit Gustavo Grieco (Nov 26)
- Re: CVE Request: resource exhaustion in regex expression handling in WebKit cve-assign (Nov 26)
- CVE Request: IrRegular Expressions resource exhaustion in regex compilation [was: Re: [oss-security] CVE Request: resource exhaustion in regex expression handling in WebKit] Peter Bex (Dec 14)
- Re: CVE Request: IrRegular Expressions resource exhaustion in regex compilation [was: Re: [oss-security] CVE Request: resource exhaustion in regex expression handling in WebKit] cve-assign (Dec 15)