- Detalji os-a: WN7
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LUB
==========================================================================
Ubuntu Security Notice USN-2740-1
September 16, 2015
icu vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 15.04
– Ubuntu 14.04 LTS
– Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in ICU.
Software Description:
– icu: International Components for Unicode library
Details:
Atte Kettunen discovered that ICU incorrectly handled certain converter
names. If an application using ICU processed crafted data, a remote
attacker could possibly cause it to crash. (CVE-2015-1270)
It was discovered that ICU incorrectly handled certain memory operations
when processing data. If an application using ICU processed crafted data,
a remote attacker could possibly cause it to crash or potentially execute
arbitrary code with the privileges of the user invoking the program.
(CVE-2015-2632, CVE-2015-4760)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 15.04:
libicu52 52.1-8ubuntu0.2
Ubuntu 14.04 LTS:
libicu52 52.1-3ubuntu0.4
Ubuntu 12.04 LTS:
libicu48 4.8.1.1-3ubuntu0.6
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2740-1
CVE-2015-1270, CVE-2015-2632, CVE-2015-4760
Package Information:
https://launchpad.net/ubuntu/+source/icu/52.1-8ubuntu0.2
https://launchpad.net/ubuntu/+source/icu/52.1-3ubuntu0.4
https://launchpad.net/ubuntu/+source/icu/4.8.1.1-3ubuntu0.6
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2
iQIcBAEBCgAGBQJV+aw/AAoJEGVp2FWnRL6TQmQQAKfAws4bDqZhgWrP3rddzFYS
uBd786eMpK3Wp2rRwmrXjs5qJd24JHgkQ8OBlfXatRj/0jUtRUqS9v+y7bE0UAKY
0tR+RX3Pd2FdeFAPPmQkjiVqahYsWJZM/6V7og3nqiKTI6/WwGhUjP9tw5JSFjsl
t69k2kQKY9HhYYy4aRRlVMMWheLU0vb06oUHocaXJwqpTL+/yyP6GwEJUkv4pab6
3ZfHPzxMHdiAg51vS48uj1v/e2N/xXMaUzE2wHJHgYTLI5SIZjxLLRc+fkkE2pk0
LFZqzTsdD37vVeuGBAvbG3CHWhuG9HZpUDnxyCxq37oqMMM7BQCcEq9TU2ZTZr3N
v89o5fBm/p/K8OHtCjvlFs220OxzV4DgP6hmqIQqQRrYQH/YbqUl7jRUauZ7iCpf
8Fkn+f7U7/RQWe1K9UCcN68WVMwHtriTvlFVlGPwTiXXgt0DmbFDJZMYh/noLOOe
RCrs2izdONcEotPvEHqFfyicniKtKKwS4CxKD3VaHscshYop8mvCouUn7ybubxuH
194Nf1BvsBq3H3N/Pz8qk+P0yIk9aQKlcZLMnynbnTDp3iTBMWYuaqnH1YYieYeX
2l1EXlva3VI3oQtr/YfB3sALz63taQPNxEUzmZoJZwbXHhZnm2YFgTzTqcQZzCdS
wvb2Etp/gAY8MXlWH4qS
=lW6P
—–END PGP SIGNATURE—–
—
| Autor | Marko Stanec |
| Cert id | NCERT-REF-2015-09-0005-ADV |
| Cve | CERT-CVE-DUMMY |
| ID izvornika | CERT-ORIGID-DUMMY |
| Proizvod | CERT-DUMMY-PRODUCT |
| Izvor | http://www.adobe.com/ |
