Login
Newsletter
Werbung

Sicherheit: Zahlenüberlauf in International Components for Unicode (C/C++)
Aktuelle Meldungen Distributionen
Name: Zahlenüberlauf in International Components for Unicode (C/C++)
ID: DSA-4150-1
Distribution: Debian
Plattformen: Debian jessie, Debian stretch
Datum: Sa, 24. März 2018, 10:56
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15422
Applikationen: International Components for Unicode (C/C++)

Originalnachricht

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4150-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
March 23, 2018 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : icu
CVE ID : CVE-2017-15422

It was discovered that an integer overflow in the International
Components for Unicode (ICU) library could result in denial of service
and potentially the execution of arbitrary code.

For the oldstable distribution (jessie), this problem has been fixed
in version 52.1-8+deb8u7.

For the stable distribution (stretch), this problem has been fixed in
version 57.1-6+deb9u2.

We recommend that you upgrade your icu packages.

For the detailed security status of icu please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/icu

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlq1S1kACgkQEMKTtsN8
TjaZBRAAqb8vCWHAm32dQ7QsiIuoCOk1t1bzRm6ZKAm6U3YVaTPFSQrfBlT7OZZU
416HuwRCMg1gVivNdyeDgch+f0cu6GeMkCNRrcBsvIOHjP3fvhdpU2M6667XOS0J
anmlRtD6jkLdLF3kxUcGCpu/DozR+SsuhRT8FZ07yPw4USWVJqwbInV9l8cd4bil
iHeDizc0aOaKtlsGmN1XJixw9oyObIlvK9yWcqlQI1ijSpAGEMBI7XBNRB8yF/DL
IJNDa15wpAUSLq9wDtYu0KzwFIQIc+q2R+EQdaljsXvPTZM/neiC9nmz1TNoGI/+
knnpWe4G5OcsIbe9mAFMl7H+ppzT+OxCXQWval56w1YKrDVWFVRY3YnUTIHub9lz
brCBI24n5rIzcwC5KHvxZGUTepib5pqELbq1hWhrZAH/zoh0M/nUTCrnXN1ae6m/
CWP+vWOtzqE2fO4fgPCrP6SrG2cVPXD+jl+xr/gvPiI775GbNpGkl7cxNFj5eonG
2tt004DjfRL1WAgFBHlb8ZsulHHpiTTaEJNXf8J9qG1ULYYpYhpOeYLHroiUHajR
sJgCECS18DKMkG55bnzq3702pu1UMcS5G3zkhpGmw102mxhArUHz/dDEAA8F3x5O
5gbU4E0Baf9m8LY595ana1lskzM4nonKerCpUWqz7xCDY39OK2o=
=wef5
-----END PGP SIGNATURE-----
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung