Synopsis: Important: icu security update Issue date: 2008-01-25 CVE Names: CVE-2007-4770 CVE-2007-4771 Will Drewry reported multiple flaws in the way libicu processed certain malformed regular expressions. If an application linked against ICU, such as OpenOffice.org, processed a carefully crafted regular expression, it may be possible to execute arbitrary code as the user running the application. (CVE-2007-4770, CVE-2007-4771) SL 5.x SRPMS: icu-3.6-5.11.1.src.rpm i386: icu-3.6-5.11.1.i386.rpm libicu-3.6-5.11.1.i386.rpm libicu-devel-3.6-5.11.1.i386.rpm libicu-doc-3.6-5.11.1.i386.rpm x86_64: icu-3.6-5.11.1.x86_64.rpm libicu-3.6-5.11.1.i386.rpm libicu-3.6-5.11.1.x86_64.rpm libicu-devel-3.6-5.11.1.i386.rpm libicu-devel-3.6-5.11.1.x86_64.rpm libicu-doc-3.6-5.11.1.x86_64.rpm -Connie Sieh -Troy Dawson