Advisories ยป MGASA-2015-0297

Updated icu package fixes security vulnerability

Publication date: 31 Jul 2015
Type: security
Affected Mageia releases : 4 , 5
CVE: CVE-2015-4760

Description

It was discovered that ICU Layout Engine was missing multiple boundary
checks. These could lead to buffer overflows memory corruption. A
specially crafted file could cause an application using ICU to parse
untrusted font files to crash and, possibly, execute arbitrary code
(CVE-2015-4760).
                

References

SRPMS

4/core

5/core