Per bug 209067 libpcre-7.6 fixes a buffer overflow issue:
1. A character class containing a very large number of characters with
codepoints greater than 255 (in UTF-8 mode, of course) caused a buffer
dev-libs/glib includes a copy of libpcre since 2.14.0 that we also use (instead of the system pcre) for GRegex API due to the copy including patches useful for GRegex, but not yet in pcre. Therefore glib is affected by this as well, for glib users that use the GRegex API. The internal copy of pcre has been updated to 7.6 in glib-2.14.6 and it is also now in the portage tree.
Security team: glib from 2.14.0 through 2.14.5 is vulnerable to this bug, while 2.14.6 is fixed with the update of the copy and earlier (2.12.* and earlier) did not have GRegex and included pcre.
Arch teams: please stabilize glib-2.14.6 - it's only changes compared to glib-2.14.5 are the updated pcre and a couple translation updates.
Stable for HPPA.
AFAIK impact is still unknown for PCRE.
Fixed in release snapshot.
glsa together with bug 209067.