The International Components for Unicode (ICU) library provides robust and
full-featured Unicode services.
Will Drewry reported multiple flaws in the way libicu processed certain
malformed regular expressions. If an application linked against ICU, such
as OpenOffice.org, processed a carefully crafted regular expression, it may
be possible to execute arbitrary code as the user running the application.
(CVE-2007-4770, CVE-2007-4771)
All users of icu should upgrade to these updated packages, which contain
backported patches to resolve these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | x86_64 | libicu | < 3.6-5.11.1 | libicu-3.6-5.11.1.x86_64.rpm |
RedHat | any | ia64 | libicu-devel | < 3.6-5.11.1 | libicu-devel-3.6-5.11.1.ia64.rpm |
RedHat | any | s390x | libicu | < 3.6-5.11.1 | libicu-3.6-5.11.1.s390x.rpm |
RedHat | any | ia64 | icu | < 3.6-5.11.1 | icu-3.6-5.11.1.ia64.rpm |
RedHat | any | s390 | libicu-devel | < 3.6-5.11.1 | libicu-devel-3.6-5.11.1.s390.rpm |
RedHat | any | x86_64 | libicu-devel | < 3.6-5.11.1 | libicu-devel-3.6-5.11.1.x86_64.rpm |
RedHat | any | x86_64 | icu | < 3.6-5.11.1 | icu-3.6-5.11.1.x86_64.rpm |
RedHat | any | ppc64 | libicu | < 3.6-5.11.1 | libicu-3.6-5.11.1.ppc64.rpm |
RedHat | any | s390x | libicu-doc | < 3.6-5.11.1 | libicu-doc-3.6-5.11.1.s390x.rpm |
RedHat | any | ppc | libicu-devel | < 3.6-5.11.1 | libicu-devel-3.6-5.11.1.ppc.rpm |