Debian: DSA-3187-1: icu security update

    Date15 Mar 2015
    CategoryDebian
    43
    Posted ByLinuxSecurity Advisories
    Several vulnerabilities were discovered in the International Components for Unicode (ICU) library. CVE-2013-1569
    
    - -------------------------------------------------------------------------
    Debian Security Advisory DSA-3187-1                   This email address is being protected from spambots. You need JavaScript enabled to view it.
    http://www.debian.org/security/                           Michael Gilbert
    March 15, 2015                         http://www.debian.org/security/faq
    - -------------------------------------------------------------------------
    
    Package        : icu
    CVE ID         : CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2419
                     CVE-2014-6585 CVE-2014-6591 CVE-2014-7923 CVE-2014-7926
                     CVE-2014-7940 CVE-2014-9654
    Debian Bug     : 775884 776264 776265 776719
    
    Several vulnerabilities were discovered in the International Components
    for Unicode (ICU) library.
    
    CVE-2013-1569
    
        Glyph table issue.
    
    CVE-2013-2383
    
        Glyph table issue.
    
    CVE-2013-2384
    
        Font layout issue.
    
    CVE-2013-2419
    
        Font processing issue.
    
    CVE-2014-6585
    
        Out-of-bounds read.
    
    CVE-2014-6591
    
        Additional out-of-bounds reads.
    
    CVE-2014-7923
    
        Memory corruption in regular expression comparison.
    
    CVE-2014-7926
    
        Memory corruption in regular expression comparison.
    
    CVE-2014-7940
    
        Uninitialized memory.
    
    CVE-2014-9654
    
        More regular expression flaws.
    
    For the stable distribution (wheezy), these problems have been fixed in
    version 4.8.1.1-12+deb7u2.
    
    For the upcoming stable (jessie) and unstable (sid) distributions, these
    problems have been fixed in version 52.1-7.1.
    
    We recommend that you upgrade your icu packages.
    
    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/
    
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    Do you read our distribution advisories on a regular basis?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /component/communitypolls/?task=poll.vote&format=json
    23
    radio
    [{"id":"84","title":"Yes, for a single distribution","votes":"0","type":"x","order":"1","pct":0,"resources":[]},{"id":"85","title":"Yes, for multiple distributions","votes":"6","type":"x","order":"2","pct":60,"resources":[]},{"id":"86","title":"No","votes":"4","type":"x","order":"3","pct":40,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.