Synopsis: Important: icu security update
Issue date: 2008-01-25
CVE Names: CVE-2007-4770 CVE-2007-4771
Will Drewry reported multiple flaws in the way libicu processed certain
malformed regular expressions. If an application linked against ICU, such
as OpenOffice.org, processed a carefully crafted regular expression, it may
be possible to execute arbitrary code as the user running the application.
(CVE-2007-4770, CVE-2007-4771)
SL 5.x
SRPMS:
icu-3.6-5.11.1.src.rpm
i386:
icu-3.6-5.11.1.i386.rpm
libicu-3.6-5.11.1.i386.rpm
libicu-devel-3.6-5.11.1.i386.rpm
libicu-doc-3.6-5.11.1.i386.rpm
x86_64:
icu-3.6-5.11.1.x86_64.rpm
libicu-3.6-5.11.1.i386.rpm
libicu-3.6-5.11.1.x86_64.rpm
libicu-devel-3.6-5.11.1.i386.rpm
libicu-devel-3.6-5.11.1.x86_64.rpm
libicu-doc-3.6-5.11.1.x86_64.rpm
-Connie Sieh
-Troy Dawson