Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 464
Alerts This Week
Warning Icon 1 464

SUSE Linux Enterprise 12-SP2: SUSE-SU-2018:1401-2 Moderate icu DoS Issue

suse
Calendar Grey October 18, 2018
Dist Suse Esm H88
SUSE Security Patch for libxml2 tackles various vulnerability issues. Update your software to safeguard your environment against risks.
An update that fixes 8 vulnerabilities is now available

Summary

icu was updated to fix two security issues. These security issues were fixed: - CVE-2014-8147: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) used an integer data type that is inconsistent with a header file, which allowed remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text (bsc#929629). - CVE-2014-8146: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) did not properly track directionally isolated pieces of text, which allowed remote attackers to

References

#1034674 #1034678 #1067203 #1072193 #1077999

#1087932 #929629 #990636

Cross- CVE-2014-8146 CVE-2014-8147 CVE-2016-6293

CVE-2017-14952 CVE-2017-15422 CVE-2017-17484

CVE-2017-7867 CVE-2017-7868

Affected Products:

SUSE Linux Enterprise Server 12-SP2-BCL

https://www.suse.com/security/cve/CVE-2014-8146.html

https://www.suse.com/security/cve/CVE-2014-8147.html

https://www.suse.com/security/cve/CVE-2016-6293.html

https://www.suse.com/security/cve/CVE-2017-14952.html

https://www.suse.com/security/cve/CVE-2017-15422.html

https://www.suse.com/security/cve/CVE-2017-17484.html

https://www.suse.com/security/cve/CVE-2017-7867.html

https://www.suse.com/security/cve/CVE-2017-7868.html

https://bugzilla.suse.com/1034674

Announcement ID: SUSE-SU-2018:1401-2
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.