|
|
Subscribe / Log in / New account

Mageia alert MGASA-2015-0102 (icu)



From:
    	      Mageia Updates <buildsystem-daemon@mageia.org> 


To:
    	      updates-announce@ml.mageia.org 


Subject:
    	      [updates-announce] MGASA-2015-0102: Updated icu packages fix security vulnerability 


Date:
    	      Tue, 10 Mar 2015 17:48:49 +0100


Message-ID:
    	      <20150310164850.03CB940796@valstar.mageia.org>


MGASA-2015-0102 - Updated icu packages fix security vulnerability

Publication date: 10 Mar 2015
URL: http://advisories.mageia.org/MGASA-2015-0102.html
Type: security
Affected Mageia releases: 4
CVE: CVE-2014-6585,
     CVE-2014-6591

Description:
It was discovered that ICU incorrectly handled memory operations when
processing fonts. If an application using ICU processed crafted data, an
attacker could cause it to crash or potentially execute arbitrary code with
the privileges of the user invoking the program (CVE-2014-6585,
CVE-2014-6591).

References:
- https://bugs.mageia.org/show_bug.cgi?id=15435
- http://www.ubuntu.com/usn/usn-2522-1/
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591

SRPMS:
- 4/core/icu-52.1-2.2.mga4
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds