You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa icu

Sigurnosni nedostaci programskog paketa icu

by ncert - 0

==========================================================================
Ubuntu Security Notice USN-2740-1
September 16, 2015

icu vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 15.04
– Ubuntu 14.04 LTS
– Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in ICU.

Software Description:
– icu: International Components for Unicode library

Details:

Atte Kettunen discovered that ICU incorrectly handled certain converter
names. If an application using ICU processed crafted data, a remote
attacker could possibly cause it to crash. (CVE-2015-1270)

It was discovered that ICU incorrectly handled certain memory operations
when processing data. If an application using ICU processed crafted data,
a remote attacker could possibly cause it to crash or potentially execute
arbitrary code with the privileges of the user invoking the program.
(CVE-2015-2632, CVE-2015-4760)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 15.04:
libicu52 52.1-8ubuntu0.2

Ubuntu 14.04 LTS:
libicu52 52.1-3ubuntu0.4

Ubuntu 12.04 LTS:
libicu48 4.8.1.1-3ubuntu0.6

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2740-1
CVE-2015-1270, CVE-2015-2632, CVE-2015-4760

Package Information:
https://launchpad.net/ubuntu/+source/icu/52.1-8ubuntu0.2
https://launchpad.net/ubuntu/+source/icu/52.1-3ubuntu0.4
https://launchpad.net/ubuntu/+source/icu/4.8.1.1-3ubuntu0.6

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAEBCgAGBQJV+aw/AAoJEGVp2FWnRL6TQmQQAKfAws4bDqZhgWrP3rddzFYS
uBd786eMpK3Wp2rRwmrXjs5qJd24JHgkQ8OBlfXatRj/0jUtRUqS9v+y7bE0UAKY
0tR+RX3Pd2FdeFAPPmQkjiVqahYsWJZM/6V7og3nqiKTI6/WwGhUjP9tw5JSFjsl
t69k2kQKY9HhYYy4aRRlVMMWheLU0vb06oUHocaXJwqpTL+/yyP6GwEJUkv4pab6
3ZfHPzxMHdiAg51vS48uj1v/e2N/xXMaUzE2wHJHgYTLI5SIZjxLLRc+fkkE2pk0
LFZqzTsdD37vVeuGBAvbG3CHWhuG9HZpUDnxyCxq37oqMMM7BQCcEq9TU2ZTZr3N
v89o5fBm/p/K8OHtCjvlFs220OxzV4DgP6hmqIQqQRrYQH/YbqUl7jRUauZ7iCpf
8Fkn+f7U7/RQWe1K9UCcN68WVMwHtriTvlFVlGPwTiXXgt0DmbFDJZMYh/noLOOe
RCrs2izdONcEotPvEHqFfyicniKtKKwS4CxKD3VaHscshYop8mvCouUn7ybubxuH
194Nf1BvsBq3H3N/Pz8qk+P0yIk9aQKlcZLMnynbnTDp3iTBMWYuaqnH1YYieYeX
2l1EXlva3VI3oQtr/YfB3sALz63taQPNxEUzmZoJZwbXHhZnm2YFgTzTqcQZzCdS
wvb2Etp/gAY8MXlWH4qS
=lW6P
—–END PGP SIGNATURE—–

ncert
Top
More in Preporuke
Nadogradnja za moodle

Izdana je nadogradnja koja otklanja višestruke ranjivosti u programskom paketu moodle za Fedoru. Zahvaćene su razne komponente Moodlea, a ovisno...

Close