1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 3187-1] icu security update

    From Michael Gilbert@1:229/2 to All on Sun Mar 15 06:10:01 2015
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-3187-1 [email protected] http://www.debian.org/security/ Michael Gilbert
    March 15, 2015 http://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : icu
    CVE ID : CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2419
    CVE-2014-6585 CVE-2014-6591 CVE-2014-7923 CVE-2014-7926
    CVE-2014-7940 CVE-2014-9654
    Debian Bug : 775884 776264 776265 776719

    Several vulnerabilities were discovered in the International Components
    for Unicode (ICU) library.

    CVE-2013-1569

    Glyph table issue.

    CVE-2013-2383

    Glyph table issue.

    CVE-2013-2384

    Font layout issue.

    CVE-2013-2419

    Font processing issue.

    CVE-2014-6585

    Out-of-bounds read.

    CVE-2014-6591

    Additional out-of-bounds reads.

    CVE-2014-7923

    Memory corruption in regular expression comparison.

    CVE-2014-7926

    Memory corruption in regular expression comparison.

    CVE-2014-7940

    Uninitialized memory.

    CVE-2014-9654

    More regular expression flaws.

    For the stable distribution (wheezy), these problems have been fixed in
    version 4.8.1.1-12+deb7u2.

    For the upcoming stable (jessie) and unstable (sid) distributions, these problems have been fixed in version 52.1-7.1.

    We recommend that you upgrade your icu packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1

    iQQcBAEBCgAGBQJVBRIKAAoJELjWss0C1vRzffkf/3c3969L9aI5JN/9i+N8cT3a 1wdG7JnH5W990a9nt6zEfpgVT+tNIM0AW3Q7hY7P4ld9rQbht4qKZA2n739cqHiF tpQwWWv+zPxwYYS9ZLKv36ptnnL4w9Te7IqHyxFkEijxyYO6zyWbxe/yrDIhRh4i ayQ9RGpqWQk90A/CZCcJm+7DWJu67gU0RVaRVTzPsd1yXnLcpXkmcHJHyUDhHvOF PhfDIsXdNCqxkt4o/rUkkWM+wU9wIFP1L356QCHU/wtUJjvdfd6bLJH4fbcgaW3f tzzMRv1Vov78KRxZqdYK8EBJb1BELlHvjmTmkvPuXuflNJT9ioiEi+OM0it24GGI 8bl56KrPxkAlkkfKwJ/0ZKP1UJsHRjTvymV9LY1wNXUTl3TCDbccX4auFq8/r67G ohI5nhgOT0IHs/hn105LfKAa6IEGa+QvdAto31SYHhqKONkYIUw2XzTXLMgZGLlY u8QRi9IEd/lSK6M2gsWlGBB0zKZqymzyOOMJXEs/k+iwyenVp486/2Vv5xP3gX6B Q4NSW6DWU9Ke5XpAT4OkeE0DDSkr6LjsFTRZEudcNHeOmPAuoD9n/mtZOdXcpBqD 3qe/EjqmPSjrKNonWcubeeSonCX8Svxd9nCwTxrKaXHjKanNqWkjulW9+a/86TWT hDTrE8OIwAnv//kZc57ugNehEqEv9njlhFCI3UI4GFNyAyk7xkE6MDlQxWYqPwt7 ZTU8BFWwnF1wd1rAHijLZRvVCaOy279JrtoIKhfyPxicCZjlRUYDueu7cTe8hvrb YBeKobGzKuj4qqatKeGfb6zZvmt+FjbS17Z17O7dtGmb9RKTpAbYoipr7kRVCJtX 5pSUpzKFYAnHZAd1B058IjY3Vv4EZE/ugn1InxtAjJ84WaIzGXMG96rWyEYyyNGx 1gi0rygt2Cx9I5akDvmDAnxr6U8VLS/LUQKHp6vR6RU0+VpGn0CkQSgwZK4viEmf iBsCmHXbLp7K5hvdu3RXqDVjdEnnGP54NARu3u63E/HMs7VvXti0WFJqR1ZqnzIk y2kcJufPtDFMeLhXAIygF9RgIB/0RgLXQCivwGKaZRiBCWhRgUcWppuJpRiCeXVn 5KsTBWAEn/eGPtut9hCy9wjxCqYYXb/2/jT0l2ZOBKWx7bWsARa0OUxXRFeSONIt rcYAQHr4ta//pQVyi1wF15lTTLFMrhqKkwS7029deDSV7JuBX+hFObVWQT8c1zjq UQC269Da7pnps39JWrwukdqKRxyA9/GkyUHtntwKB6dxdEJ8OGtt90V92dUzkHxb 262WsoTQXWX6HMxgp9BDz7TOnAB4BjG1ACKud9GYjp5m46wxgbt5MP5tgSGAm4E=
    =4GJD
    -----END PGP SIGNATURE-----


    --
    To UNSUBSCRIBE, email to [email protected]
    with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)