Red Hat Enterprise Linux 5 RHSA-2009:1122-01 Moderate ICU Encoding Flaw

red hat

June 25, 2009

Updated icu packages that fix a security issue are now available for Red Hat Enterprise Linux 5

Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

Summary

The International Components for Unicode (ICU) library provides robust and full-featured Unicode services.
A flaw was found in the way ICU processed certain, invalid byte sequences during Unicode conversion. If an application used ICU to decode malformed, multibyte character data, it may have been possible to bypass certain content protection mechanisms, or display information in a manner misleading to the user. (CVE-2009-0153)
All users of icu should upgrade to these updated packages, which contain backported patches to resolve this issue.

Topics Covered

security advisory moderate Red Hat update security fix icu flaw

References

https://www.cve.org/CVERecord?id=CVE-2009-0153 https://access.redhat.com/security/updates/classification#moderate

Package List

Red Hat Enterprise Linux Desktop (v. 5 client):
Source:
i386: icu-3.6-5.11.4.i386.rpm icu-debuginfo-3.6-5.11.4.i386.rpm libicu-3.6-5.11.4.i386.rpm libicu-doc-3.6-5.11.4.i386.rpm
x86_64: icu-3.6-5.11.4.x86_64.rpm icu-debuginfo-3.6-5.11.4.i386.rpm icu-debuginfo-3.6-5.11.4.x86_64.rpm libicu-3.6-5.11.4.i386.rpm libicu-3.6-5.11.4.x86_64.rpm libicu-doc-3.6-5.11.4.x86_64.rpm
RHEL Desktop Workstation (v. 5 client):
Source:
i386: icu-debuginfo-3.6-5.11.4.i386.rpm libicu-devel-3.6-5.11.4.i386.rpm
x86_64: icu-debuginfo-3.6-5.11.4.i386.rpm icu-debuginfo-3.6-5.11.4.x86_64.rpm libicu-devel-3.6-5.11.4.i386.rpm libicu-devel-3.6-5.11.4.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source:
i386: icu-3.6-5.11.4.i386.rpm icu-debuginfo-3.6-5.11.4.i386.rpm libicu-3.6-5.11.4.i386.rpm libicu-devel-3.6-5.11.4.i386.rpm libicu-doc-3.6-5.11.4.i386.rpm
ia64: icu-3.6-5.11.4.ia64.rpm icu-debuginfo-3.6-5.11.4.ia64.rpm libicu-3.6-5.11.4.ia64.rpm libicu-devel-3.6-5.11.4.ia64.rpm libicu-doc-3.6-5.11.4.ia64.rpm
ppc: icu-3.6-5.11.4.ppc.rpm icu-debuginfo-3.6-5.11.4.ppc.rpm icu-debuginfo-3.6-5.11.4.ppc64.rpm libicu-3.6-5.11.4.ppc.rpm libicu-3.6-5.11.4.ppc64.rpm libicu-devel-3.6-5.11.4.ppc.rpm libicu-devel-3.6-5.11.4.ppc64.rpm libicu-doc-3.6-5.11.4.ppc.rpm
s390x: icu-3.6-5.11.4.s390x.rpm

Read the Full Advisory

Advisory ID: RHSA-2009:1122-01

Product: Red Hat Enterprise Linux

Advisory URL: https://access.redhat.com/errata/RHSA-2009:1122.html

Issue date: 2009-06-25

Topic

Updated icu packages that fix a security issue are now available for RedHat Enterprise Linux 5.This update has been rated as having moderate security impact by the RedHat Security Response Team.

Topics Covered

security advisory moderate Red Hat update security fix icu flaw

Relevant Releases Architectures

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

RHEL Desktop Workstation (v. 5 client) - i386, x86_64

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

Bugs Fixed

503071 - CVE-2009-0153 icu: XSS vulnerability due to improper invalid byte sequence handling

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Red Hat Enterprise Linux 5 RHSA-2009:1122-01 Moderate ICU Encoding Flaw

Solution

Summary

Topics Covered

References

Package List

Topic

Topics Covered

Relevant Releases Architectures

Bugs Fixed

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Red Hat Enterprise Linux 5 RHSA-2009:1122-01 Moderate ICU Encoding Flaw

Solution

Summary

Topics Covered

References

Package List

Topic

Topics Covered

Relevant Releases Architectures

Bugs Fixed

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!