Versions mentioned in the description apply to the upstream
Remediation section below for
Debian:9 relevant versions.
libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote attackers to cause a denial of service (segmentation violation for read access, and application crash) by triggering an invalid Unicode property lookup.
pcre3 to version 2:8.39-3 or higher.