Описание
Recommended update for icu
This update for icu fixes the following issue:
- Fix international date/time format output (a regression caused by the fix for CVE-2014-9911) (bsc#1037416).
Список пакетов
SUSE Linux Enterprise Server 11 SP4
libicu-4.0-47.3.2
libicu-32bit-4.0-47.3.2
libicu-doc-4.0-47.3.2
libicu-x86-4.0-47.3.2
SUSE Linux Enterprise Server for SAP Applications 11 SP4
libicu-4.0-47.3.2
libicu-32bit-4.0-47.3.2
libicu-doc-4.0-47.3.2
libicu-x86-4.0-47.3.2
SUSE Linux Enterprise Software Development Kit 11 SP4
icu-4.0-47.3.2
libicu-32bit-4.0-47.3.2
libicu-devel-4.0-47.3.2
libicu-devel-32bit-4.0-47.3.2
Ссылки
- Link for SUSE-RU-2018:0028-1
- E-Mail link for SUSE-RU-2018:0028-1
- SUSE Security Ratings
- SUSE Bug 1037416
- SUSE CVE CVE-2014-9911 page
Описание
Stack-based buffer overflow in the ures_getByKeyWithFallback function in common/uresbund.cpp in International Components for Unicode (ICU) before 54.1 for C/C++ allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted uloc_getDisplayName call.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:libicu-32bit-4.0-47.3.2
SUSE Linux Enterprise Server 11 SP4:libicu-4.0-47.3.2
SUSE Linux Enterprise Server 11 SP4:libicu-doc-4.0-47.3.2
SUSE Linux Enterprise Server 11 SP4:libicu-x86-4.0-47.3.2
Ссылки
- CVE-2014-9911
- SUSE Bug 1012224
- SUSE Bug 1012232