Jump to content
Compatible Support Forums
Sign in to follow this  
Followers 0
news

[SECURITY] [DLA 219-1] icu security update

By news, in Upcoming News

Recommended Posts

news    28

news
Posted

Package : icu

Version : 4.4.1-8+squeeze3

CVE ID : CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2419

CVE-2014-6585 CVE-2014-6591 CVE-2014-7923 CVE-2014-7926

CVE-2014-7940 CVE-2014-9654

 

Several vulnerabilities were discovered in the International Components

for Unicode (ICU) library:

 

CVE-2013-1569

 

Glyph table issue.

 

CVE-2013-2383

 

Glyph table issue.

 

CVE-2013-2384

 

Font layout issue.

 

CVE-2013-2419

 

Font processing issue.

 

CVE-2014-6585

 

Out-of-bounds read.

 

CVE-2014-6591

 

Additional out-of-bounds reads.

 

CVE-2014-7923

 

Memory corruption in regular expression comparison.

 

CVE-2014-7926

 

Memory corruption in regular expression comparison.

 

CVE-2014-7940

 

Uninitialized memory.

 

CVE-2014-9654

 

More regular expression flaws.

 

For Debian 6 “Squeezeâ€Â, these issues have been fixed in icu version

4.4.1-8+squeeze3.

 

 

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Upcoming News
×