
Scientific Linux: CVE-2011-4599 Moderate: ICU Buffer Overflow

Moderate: icu security update
Date: Thu, 15 Dec 2011 15:24:37 -0600
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Moderate: icu on SL5.x, SL6.x i386/x86_64

Synopsis: Moderate: icu security update
Issue Date: 2011-12-13
CVE Numbers: CVE-2011-4599

The International Components for Unicode (ICU) library provides robust and
full-featured Unicode services.

A stack-based buffer overflow flaw was found in the way ICU performed
variant canonicalization for some locale identifiers. If a
specially-crafted locale representation was opened in an application
linked against ICU, it could cause the application to crash or, possibly,
execute arbitrary code with the privileges of the user running the
application. (CVE-2011-4599)

All users of ICU should upgrade to these updated packages, which contain a
backported patch to resolve this issue. All applications linked against
ICU must be restarted for this update to take effect.

SL5:
 i386
 icu-3.6-5.16.1.i386.rpm
 icu-debuginfo-3.6-5.16.1.i386.rpm
 libicu-3.6-5.16.1.i386.rpm
 libicu-devel-3.6-5.16.1.i386.rpm
 libicu-doc-3.6-5.16.1.i386.rpm
 x86_64
 icu-3.6-5.16.1.x86_64.rpm
 icu-debuginfo-3.6-5.16.1.i386.rpm
 icu-debuginfo-3.6-5.16.1.x86_64.rpm
 libicu-3.6-5.16.1.i386.rpm
 libicu-3.6-5.16.1.x86_64.rpm
 libicu-devel-3.6-5.16.1.i386.rpm
 libicu-devel-3.6-5.16.1.x86_64.rpm
 libicu-doc-3.6-5.16.1.x86_64.rpm
SL6:
 i386
 icu-4.2.1-9.1.el6_2.i686.rpm
 icu-debuginfo-4.2.1-9.1.el6_2.i686.rpm
 libicu-4.2.1-9.1.el6_2.i686.rpm
 libicu-devel-4.2.1-9.1.el6_2.i686.rpm
 noarch
 libicu-doc-4.2.1-9.1.el6_2.noarch.rpm
 x86_64
 icu-4.2.1-9.1.el6_2.x86_64.rpm
 icu-debuginfo-4.2.1-9.1.el6_2.i686.rpm
 icu-debuginfo-4.2.1-9.1.el6_2.x86_64.rpm
 libicu-4.2.1-9.1.el6_2.i686.rpm
 libicu-4.2.1-9.1.el6_2.x86_64.rpm
 libicu-devel-4.2.1-9.1.el6_2.i686.rpm
 libicu-devel-4.2.1-9.1.el6_2.x86_64.rpm

- Scientific Linux Development Team
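
One way to act on the advisory's restart requirement, as an added example that is not part of the advisory or of Scientific Linux tooling: list the processes that still map the replaced ICU libraries. The function names, the `--scan` switch and the sample lines are assumptions made for this example, as is the premise that the package update unlinks the old library file so that it shows as "(deleted)" in `/proc/<pid>/maps`.

```shell
#!/bin/bash
# Added example (not from the advisory): find processes still running the
# pre-update ICU code. After the RPM replaces a shared object, processes that
# loaded the old copy show it in /proc/<pid>/maps with a " (deleted)" suffix.

# Read /proc/<pid>/maps text on stdin; print each distinct stale libicu path.
stale_icu_maps() {
    awk '/\/libicu[a-z0-9]*\.so[^ ]* \(deleted\)$/ { print $(NF-1) }' | sort -u
}

# Walk /proc and print "pid command stale-libraries" per affected process.
# Run as root to see every process; unreadable maps files are skipped.
scan_procs() {
    local maps pid libs
    for maps in /proc/[0-9]*/maps; do
        pid=${maps#/proc/}; pid=${pid%/maps}
        libs=$(stale_icu_maps 2>/dev/null < "$maps") || continue
        [ -n "$libs" ] || continue
        printf '%s %s %s\n' "$pid" "$(ps -o comm= -p "$pid")" "$(echo $libs)"
    done
}

# Constructed sample of /proc/<pid>/maps lines (addresses, inodes and library
# file names are illustrative, not taken from the advisory).
SAMPLE_MAPS='7f10a0000000-7f10a0150000 r-xp 00000000 fd:00 131201 /usr/lib64/libicuuc.so.42.1 (deleted)
7f10a0400000-7f10a05c0000 r-xp 00000000 fd:00 131202 /usr/lib64/libicui18n.so.42.1 (deleted)
7f10a0400000-7f10a05c0000 r--p 001c0000 fd:00 131202 /usr/lib64/libicui18n.so.42.1 (deleted)
7f10a0800000-7f10a1800000 r--p 00000000 fd:00 140977 /usr/lib64/libicudata.so.42.1
7f10a2000000-7f10a2190000 r-xp 00000000 fd:00 131900 /lib64/libc-2.12.so (deleted)'

if [ "${1:-}" = "--scan" ]; then
    scan_procs
else
    printf '%s\n' "$SAMPLE_MAPS" | stale_icu_maps
fi
```

Run with `--scan` after installing the updated packages; an empty result means no visible process still maps a replaced ICU library.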