Summary: | <dev-libs/icu-58.1: Out-of-bounds access in uloc_acceptLanguageFromHTTP (CVE-2016-6293) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | nobrowser |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1360339 | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=599094 | ||
Whiteboard: | A2 [glsa cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 594494, 603792 | ||
Bug Blocks: |
Description
Agostino Sarubbo
2016-07-27 07:58:28 UTC
This was fixed in v58.1 (see http://site.icu-project.org/security) which is available in Gentoo repository since https://gitweb.gentoo.org/repo/gentoo.git/commit/dev-libs/icu?id=b4293900b8325feb1be4ad127dd4823ed022985d Stabilization will happen in bug 594494. *** Bug 601398 has been marked as a duplicate of this bug. *** Cleanup done. Office out. Had to revert the cleanup since it depends on bug 603792 Added to existing GLSA request. Cleanup will happen as part of bug 594494. This issue was resolved and addressed in GLSA 201701-58 at https://security.gentoo.org/glsa/201701-58 by GLSA coordinator Aaron Bauman (b-man). |