Summary: | <dev-libs/icu-55.1: Multiple vulnerabilities - integer and heap overflows (CVE-2014-{8146,8147}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Arfrever Frehtes Taifersar Arahesis <arfrever.fta> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | hanno |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
URL: | https://raw.githubusercontent.com/pedrib/PoC/master/generic/i-c-u-fail.txt | ||
Whiteboard: | A2 [glsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Arfrever Frehtes Taifersar Arahesis
2015-04-10 10:24:38 UTC
This also fixes two security issues, so changing this to be a security bug. Details in URL, CVEs are already assigned. changing to A3 -> A2 because of possible code execution. Guys, this is FIXED in 55.1, and this means the vulnerability is in <55.1 Please be careful when changing the titles... Test-building 55.1 and revdeps locally. Bumped as ~arch. Lets wait a few days to check for breakage and then stabilize. Let's sync this with bug 547900 (libreoffice-4.4.3.2 stabilization) because of libreoffice-bin. In preparation. Arches please stabilize Target: all stable arches (amd64 and x86 are handled in bug 547900) =dev-libs/icu-55.1 alpha stable Stable for PPC64. arm stable Stable for HPPA. CVE-2014-8147 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8147): The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type that is inconsistent with a header file, which allows remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text. CVE-2014-8146 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8146): The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text. ia64 stable sparc stable ppc stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. Arches and Maintainer(s), Thank you for your work. New GLSA Request filed. Maintainer(s), please drop the vulnerable version(s). This issue was resolved and addressed in GLSA 201507-04 at https://security.gentoo.org/glsa/201507-04 by GLSA coordinator Mikle Kolyada (Zlogene). Re-opening for Cleanup. Maintainer please drop version 54.1-r1 so we can close bug. Maintainer(s), please drop the vulnerable version(s). Maintainer(s), please drop the vulnerable version(s). Maintainer(s), Thank you for you for cleanup. Nothing to do here for office anymore |