Synopsis:	Important: icu security update
Issue date:	2008-01-25
CVE Names:	CVE-2007-4770 CVE-2007-4771

Will Drewry reported multiple flaws in the way libicu processed certain
malformed regular expressions. If an application linked against ICU, such
as OpenOffice.org, processed a carefully crafted regular expression, it may
be possible to execute arbitrary code as the user running the application.
(CVE-2007-4770, CVE-2007-4771)

SL 5.x

    SRPMS:
icu-3.6-5.11.1.src.rpm
    i386:
icu-3.6-5.11.1.i386.rpm
libicu-3.6-5.11.1.i386.rpm
libicu-devel-3.6-5.11.1.i386.rpm
libicu-doc-3.6-5.11.1.i386.rpm
    x86_64:
icu-3.6-5.11.1.x86_64.rpm
libicu-3.6-5.11.1.i386.rpm
libicu-3.6-5.11.1.x86_64.rpm
libicu-devel-3.6-5.11.1.i386.rpm
libicu-devel-3.6-5.11.1.x86_64.rpm
libicu-doc-3.6-5.11.1.x86_64.rpm

-Connie Sieh
-Troy Dawson