Summary: | <dev-libs/icu-53: two memory corruptions (CVE-2014-{7923,7926,7940}) | | |
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | | |
Severity: | normal | | |
Priority: | Normal | | |
Version: | unspecified | | |
Hardware: | All | | |
OS: | Linux | | |
URL: | http://googlechromereleases.blogspot.com/2015/01/stable-update.html | | |
Whiteboard: | A3 [glsa] | | |
Package list: | | Runtime testing required: | --- |
Description
Agostino Sarubbo
2015-01-24 15:51:57 UTC
and: [$1000][433866] Medium CVE-2014-7940: Uninitialized-value in ICU. Credit to miaubiz.

CVE-2014-7923
From NIST: "The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a (1) zero-length quantifier or (2) look-behind expression, a different vulnerability than CVE-2014-7926."
I.e. affects <53

CVE-2014-7926
From NIST: "The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a (1) zero-length quantifier or (2) look-behind expression, a different vulnerability than CVE-2014-7923."
I.e. affects <53

CVE-2014-7940
From NIST: "The collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted character sequence."
I.e. affects <53

Please help kick remaining arches in bug 523164

We stabilize even newer dev-libs/54.1-r1 in bug 539108 (where this is fixed too).

All vulnerable versions removed. Office out.

GLSA for ICU already exists, adding this to the GLSA.

This issue was resolved and addressed in GLSA 201503-06 at https://security.gentoo.org/glsa/201503-06 by GLSA coordinator Kristian Fiskerstrand (K_F).