Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Fri, 25 Jan 2008 11:20:51 -0600 Reply-To: Troy DawsonSender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA for icu on SL5.x i386/x86_64 Comments: To: " This email address is being protected from spambots. You need JavaScript enabled to view it. "Synopsis: Important: icu security update Issue date: 2008-01-25 CVE Names: CVE-2007-4770 CVE-2007-4771 Will Drewry reported multiple flaws in the way libicu processed certain malformed regular expressions. If an application linked against ICU, such as OpenOffice.org, processed a carefully crafted regular expression, it may be possible to execute arbitrary code as the user running the application. (CVE-2007-4770, CVE-2007-4771) SL 5.x SRPMS: icu-3.6-5.11.1.src.rpm i386: icu-3.6-5.11.1.i386.rpm libicu-3.6-5.11.1.i386.rpm libicu-devel-3.6-5.11.1.i386.rpm libicu-doc-3.6-5.11.1.i386.rpm x86_64: icu-3.6-5.11.1.x86_64.rpm libicu-3.6-5.11.1.i386.rpm libicu-3.6-5.11.1.x86_64.rpm libicu-devel-3.6-5.11.1.i386.rpm libicu-devel-3.6-5.11.1.x86_64.rpm libicu-doc-3.6-5.11.1.x86_64.rpm -Connie Sieh -Troy Dawson