Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2015:1144-1

Опубликовано: 18 июн. 2015
Источник: suse-cvrf

Описание

Security update for icu

This update fixes the following security issue in icu:

* CVE-2014-9654: insufficient size limit checks in regular expression compiler (bsc#917129)

Security Issues:

* CVE-2014-9654 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654>

Список пакетов

SUSE Linux Enterprise Desktop 11 SP3
icu-4.0-7.28.1
libicu-4.0-7.28.1
SUSE Linux Enterprise Server 11 SP3
libicu-4.0-7.28.1
libicu-32bit-4.0-7.28.1
libicu-doc-4.0-7.28.1
libicu-x86-4.0-7.28.1
SUSE Linux Enterprise Server 11 SP3-TERADATA
libicu-4.0-7.28.1
libicu-32bit-4.0-7.28.1
libicu-doc-4.0-7.28.1
libicu-x86-4.0-7.28.1
SUSE Linux Enterprise Server for SAP Applications 11 SP3
libicu-4.0-7.28.1
libicu-32bit-4.0-7.28.1
libicu-doc-4.0-7.28.1
libicu-x86-4.0-7.28.1
SUSE Linux Enterprise Software Development Kit 11 SP3
icu-4.0-7.28.1
libicu-32bit-4.0-7.28.1
libicu-devel-4.0-7.28.1
libicu-devel-32bit-4.0-7.28.1

Ссылки

Описание

The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted string, a related issue to CVE-2014-7923.

Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:icu-4.0-7.28.1
SUSE Linux Enterprise Desktop 11 SP3:libicu-4.0-7.28.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:libicu-32bit-4.0-7.28.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:libicu-4.0-7.28.1
Ссылки