| Release | Version |
|---|---|
| jessie | 5.9.5-3.2+deb8u1 |
| jessie (security) | 5.9.5-3.2+deb8u3 |
| stretch | 6.1.3-2 |
| buster | 6.9.1-1 |
| bullseye | 6.9.2-1 |
| sid | 6.9.2-1 |
| Bug | jessie | stretch | buster | bullseye | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2019-19012 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | An integer overflow in the search_in_range function in regexec.c in On ... |
| CVE-2019-16163 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of ... |
| CVE-2019-13225 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9 ... |
| CVE-2019-13224 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 a ... |
| Bug | Description |
|---|---|
| CVE-2017-9229 | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod i ... |
| CVE-2017-9228 | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod i ... |
| CVE-2017-9227 | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod i ... |
| CVE-2017-9226 | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod i ... |
| CVE-2017-9225 | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod i ... |
| CVE-2017-9224 | An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod i ... |
| DSA / DLA | Description |
|---|---|
| DLA-1918-1 | libonig - security update |
| DLA-1854-1 | libonig - security update |
| DLA-958-1 | libonig - security update |