Note: Because we set libexecdir=$libdir and the libacl people create symlinks
$libexecdir/libacl.so -> $libdir/libacl.so it will nicely overwrite the
original symlink $libdir/libacl.so -> $libdir/libacl.so.$ver otherwise.
CVE-2007-1659 (Medium) :
Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent
attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex
patters containing unmatched "\Q\E" sequences with orphan "\E" codes.
CVE-2007-1660 (Medium) :
Perl-Compatible Regular Expression (PCRE) library before 7.3 does not properly calculate sizes
for unspecified "multiple forms of character class", which triggers a buffer overflow that allows
context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary
code.
CVE-2007-1661 (Medium) :
Perl-Compatible Regular Expression (PCRE) library before 7.3 backtracks too far when matching
certain input bytes against some regex patterns in non-UTF-8 mode, which allows
context-dependent attackers to obtain sensitive information or cause a denial of service (crash),
as demonstrated by the "\X?\d" and "\P{L}?\d" patterns.
CVE-2007-1662 (Medium) :
Perl-Compatible Regular Expression (PCRE) library before 7.3 reads past the end of the string
when searching for unmatched brackets and parentheses, which allows context-dependent
attackers to cause a denial of service (crash), possibly involving forward references.
CVE-2007-4766 (High) :
Multiple integer overflows in Perl-Compatible Regular Expression (PCRE) library before 7.3 allow
context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via
unspecified escape (backslash) sequences.
CVE-2007-4767 (Medium) :
Perl-Compatible Regular Expression (PCRE) library before 7.3 does not properly compute the
length of (1) a \p sequence, (2) a \P sequence, or (3) a \P{x} sequence, which allows
context-dependent attackers to cause a denial of service (infinite loop or crash) or execute
arbitrary code.
CVE-2007-4768 (Medium) :
Heap-based buffer overflow in Perl-Compatible Regular Expression (PCRE) library before 7.3
allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence
in a character class in a regex pattern, which is incorrectly optimized.