Univention Bugzilla – Bug 44415
icu: Multiple issues (4.2)
Last modified: 2017-12-14 12:55:52 CET
Upstream Debian package version 52.1-8+deb8u5 fixes these issues: * out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function (CVE-2017-7867) * out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function (CVE-2017-7868)
Upstream Debian package version 52.1-8+deb8u6 fixes: * Backport upstream security fix for CVE-2017-14952: double free in createMetazoneMappings()
Imported and built. Advisory: https://git.knut.univention.de/univention/ucs/blob/4.2-3/doc/errata/staging/icu.yaml
Installation: OK YAML: OK Verified
<http://errata.software-univention.de/ucs/4.2/247.html>