Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 3360-1] icu security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 3360-1] icu security update


Chronologisch Thread 
    < Chronologisch >      < Thread >
  • From: Laszlo Boszormenyi (GCS) <gcs AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 3360-1] icu security update
  • Date: Tue, 15 Sep 2015 18:09:40 +0200
  • List-archive: <https://service.piratenpartei.de/pipermail/it-securitynotifies>
  • List-id: Sicherheitsankündigungen <it-securitynotifies.lists.piratenpartei.de>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-return-path: <alessandro AT ghedini.me>
  • Priority: urgent
  • Resent-date: Tue, 15 Sep 2015 16:10:55 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <mfKOwSKoa3K.A.iQH.PME-VB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3360-1 security AT debian.org
https://www.debian.org/security/ Laszlo Boszormenyi (GCS)
September 15, 2015 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : icu
CVE ID : CVE-2015-1270
Debian Bug : 798647

It was discovered that the International Components for Unicode (ICU)
library mishandles converter names starting with x- , which allows
remote attackers to cause a denial of service (read of uninitialized
memory) or possibly have unspecified other impact via a crafted file.

For the stable distribution (jessie), this problem has been fixed in
version 52.1-8+deb8u3.

For the testing distribution (stretch), this problem has been fixed
in version 55.1-5.

For the unstable distribution (sid), this problem has been fixed in
version 55.1-5.

We recommend that you upgrade your icu packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJV+ELBAAoJEK+lG9bN5XPLC24QAIXycfVpH1VzrqIOi7IzkmXf
aCJ9B+m/BWSmnEfVVm42w3u0gGd7wQZSbMi5azEdHYpec6g9Defc4XfVp8ngD9Gk
37Gha8gZZ4Sbxc1tXwMwwwyP2+E+6QDrNzniSwtCNgk4UV9VUSGCNhLJBva5tV1Y
JSeFVHTpl/Urj7CwdRYvlMIbVCTvcnS0FJ34LeylnXTa5k4Z2ZyO5o6a7Gd8YsAD
mGJ2VWA0axNgXXpGhazLfRPQ2PauLfqWN0VpMualqejMPZd2ABRUxrZ7eUuG4AGx
u0HsGnQAQrMn9ZUChTjX8HpDW7OH39B0Z0nVlSITeC4L5gK8SY5lHgmg8zV/Uk1L
jzTwsZty2wfyxsti8XXlY9UHKNcUjB+8bg8WdftzC765HCiNJOXJCGHeklIiHqk7
T5K2H7YuNPMqMuaqgYE7zbgu3JVY9ixNk9DV9aEsgDGjrcs9OXC5U0mkV/++VHlC
ebpcKw02aVEl2Yf7MbX+M0cLiCHo3RM56LQUa02SivwBC5gWULwaSKaRSasoEWEP
knrBzmC5rdyztXipe2undXFyJuACBAuemP8eQSLY7tpFecc52KKnKMN2lru9hzAj
CSXmOvUwwZGmKdwTCMM9RepCoqpNv7Y21ejxCAzUiZ9vjlzVEdRdIeUri/UqGm+E
24PlDUC7o0eS12jqWAVx
=ADH3
-----END PGP SIGNATURE-----



  • [IT-SecNots] [SECURITY] [DSA 3360-1] icu security update, GCS, 15.09.2015

Archiv bereitgestellt durch MHonArc 2.6.19.

Seitenanfang