Skip to content

Update dependency PCRE2Project/pcre2 to pcre2-10.46

GitLab Dependency Botrequested to merge
gitlab-renovate-forks/omnibus-gitlab:renovate/pcre2project-pcre2-10.x into master

This MR contains the following updates:

Package Update Change
PCRE2Project/pcre2 minor pcre2-10.45 -> pcre2-10.46

MR created with the help of gitlab-org/frontend/renovate-gitlab-bot

Release Notes

PCRE2Project/pcre2 (PCRE2Project/pcre2)

vpcre2-10.46

Compare Source

This is a security-only release, to address CVE-2025-58050.

Compared to 10.45, this release has only a minimal code change to prevent a read-past-the-end memory error, of arbitrary length. An attacker-controlled regex pattern is required, and it cannot be triggered by providing crafted subject (match) text. The (*ACCEPT) and (*scs:) pattern features must be used together.

Release 10.44 and earlier are not affected.

This could have implications of denial-of-service or information disclosure, and could potentially be used to escalate other vulnerabilities in a system (such as information disclosure being used to escalate the severity of an unrelated bug in another system).

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻️ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

  • If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot.

Merge request reports