Updated icu package fixes security vulnerability
Publication date: 31 Jul 2015Modification date: 31 Jul 2015
Type: security
Affected Mageia releases : 4 , 5
CVE: CVE-2015-4760
Description
It was discovered that ICU Layout Engine was missing multiple boundary
checks. These could lead to buffer overflows memory corruption. A
specially crafted file could cause an application using ICU to parse
untrusted font files to crash and, possibly, execute arbitrary code
(CVE-2015-4760).
References
SRPMS
5/core
- icu-53.1-12.2.mga5
4/core
- icu-52.1-2.5.mga4