| Package | libonig |
|---|---|
| Version | 5.9.1-1+deb7u3 |
| Related CVEs | CVE-2019-16163 |
The Oniguruma regular expressions library, notably used in PHP mbstring, is vulnerable to stack exhaustion. A crafted regular expression can crash the process.
For Debian 7 Wheezy, these problems have been fixed in version 5.9.1-1+deb7u3.
We recommend that you upgrade your libonig packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.