Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 522
Alerts This Week
Warning Icon 1 522

Fedora 22: FEDORA-2015-16314 Critical: ICU Font Parsing and Regexp Issues

fedora
Calendar Grey October 13, 2015
Dist Fedora Esm H88
Update addressing security vulnerabilities in icu related to font handling and regex parsing on Fedora 22.
Security fix for CVE-2014-6585 CVE-2014-6591 CVE-2014-7923 CVE-2014-7926 CVE-2014-9654

Summary

Tools and utilities for developing with icu.

Update Information:

Security fix for CVE-2014-6585 CVE-2014-6591 CVE-2014-7923 CVE-2014-7926 CVE-2014-9654

Change Log

References


[ 1 ] Bug #1183645 - CVE-2014-6585 ICU: font parsing OOB read (OpenJDK 2D, 8055489) https://bugzilla.redhat.com/show_bug.cgi?id=1183645 [ 2 ] Bug #1183646 - CVE-2014-6591 ICU: font parsing OOB read (OpenJDK 2D, 8056276) https://bugzilla.redhat.com/show_bug.cgi?id=1183646 [ 3 ] Bug #1185202 - CVE-2014-7923 ICU: regexp engine missing look-behind expression range check https://bugzilla.redhat.com/show_bug.cgi?id=1185202 [ 4 ] Bug #1185205 - CVE-2014-7926 ICU: regexp engine incorrect handling of a zero length quantifier https://bugzilla.redhat.com/show_bug.cgi?id=1185205 [ 5 ] Bug #1190129 - CVE-2014-9654 icu: insufficient size limit checks in regular expression compiler https://bugzilla.redhat.com/show_bug.cgi?id=1190129

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update icu' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: icu
Product: Fedora 22
Version: 54.1
Release: 4.fc22
Summary: International Components for Unicode

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.