[ MDVSA-2015:161-1 ] icu

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                       MDVSA-2015:161-1
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : icu
 Date    : April 2, 2015
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated icu packages fix security vulnerabilities:
 
 The Regular Expressions package in International Components for Unicode
 (ICU) 52 before SVN revision 292944 allows remote attackers to cause
 a denial of service (memory corruption) or possibly have unspecified
 other impact via vectors related to a zero-length quantifier or
 look-behind expression (CVE-2014-7923, CVE-2014-7926).
 
 The collator implementation in i18n/ucol.cpp in International
 Components for Unicode (ICU) 52 through SVN revision 293126 does not
 initialize memory

007 Software

[ MDVSA-2015:161-1 ] icu

Leave a Reply Cancel reply

Software and Security Information