Patch from upstream:

http://vcs.pcre.org/pcre?view=revision&revision=1571

to fix CVE-2015-5073 for this upstream bug

https://bugs.exim.org/show_bug.cgi?id=1651

This patch may be removed when pcre is upgraded from version 8.37

--- pcre-8.37-orig/ChangeLog	2015-06-29 09:12:15.694261234 -0700

+++ pcre-8.37/ChangeLog	2015-06-29 09:29:45.739958088 -0700

@@ -27,6 +27,10 @@ Changes since Version 8.37

     an empty string was repeated, it was not identified as matching an empty

     string itself. For example: /^(?:(?(1)x|)+)+$()/.

+6.  A pattern with an unmatched closing parenthesis that contained a backward 

+    assertion which itself contained a forward reference caused buffer 

+    overflow. And example pattern is: /(?=di(?<=(?1))|(?=(.))))/.

+

 Version 8.37 28-April-2015

 --------------------------

--- pcre-8.37-orig/pcre_compile.c	2015-06-29 09:12:15.695805136 -0700

+++ pcre-8.37/pcre_compile.c	2015-06-29 09:17:13.527304409 -0700

@@ -9406,7 +9406,7 @@ OP_RECURSE that are not fixed length get

 exceptional ones forgo this. We scan the pattern to check that they are fixed

 length, and set their lengths. */

-if (cd->check_lookbehind)

+if (errorcode == 0 && cd->check_lookbehind)

   {

   pcre_uchar *cc = (pcre_uchar *)codestart;

--- pcre-8.37-orig/testdata/testinput2	2015-06-29 09:12:15.696414562 -0700

+++ pcre-8.37/testdata/testinput2	2015-06-29 09:24:55.146760633 -0700

@@ -4170,4 +4170,6 @@ backtracking verbs. --/

 /^(?:(?(1)x|)+)+$()/BZ

+/(?=di(?<=(?1))|(?=(.))))/

+

 /-- End of testinput2 --/

--- pcre-8.37-orig/testdata/testoutput2	2015-06-29 09:12:15.698016242 -0700

+++ pcre-8.37/testdata/testoutput2	2015-06-29 09:26:11.171270088 -0700

@@ -14474,4 +14474,7 @@ Failed: reference to non-existent subpat

         End

 ------------------------------------------------------------------

+/(?=di(?<=(?1))|(?=(.))))/

+Failed: unmatched parentheses at offset 23

+

 /-- End of testinput2 --/