ID CVE-2014-8146
Summary The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text.
References
Vulnerable Configurations
  • Apple iTunes 12.1.3
    cpe:2.3:a:apple:itunes:12.1.3
  • Apple iPhone OS 8.2
    cpe:2.3:o:apple:iphone_os:8.2
  • Apple Mac OS X 10.10.4
    cpe:2.3:o:apple:mac_os_x:10.10.4
  • Apple WatchOS 1.0.1
    cpe:2.3:o:apple:watchos:1.0.1
  • ICU Project International Components for Unicode for C/C++ 1.4
    cpe:2.3:a:icu-project:international_components_for_unicode:1.4:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 1.4.1
    cpe:2.3:a:icu-project:international_components_for_unicode:1.4.1:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 1.4.1.1
    cpe:2.3:a:icu-project:international_components_for_unicode:1.4.1.1:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 1.4.1.2
    cpe:2.3:a:icu-project:international_components_for_unicode:1.4.1.2:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 1.4.2
    cpe:2.3:a:icu-project:international_components_for_unicode:1.4.2:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 1.5
    cpe:2.3:a:icu-project:international_components_for_unicode:1.5:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 1.6
    cpe:2.3:a:icu-project:international_components_for_unicode:1.6:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 1.7
    cpe:2.3:a:icu-project:international_components_for_unicode:1.7:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 1.8
    cpe:2.3:a:icu-project:international_components_for_unicode:1.8:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 1.8.1
    cpe:2.3:a:icu-project:international_components_for_unicode:1.8.1:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 2.0
    cpe:2.3:a:icu-project:international_components_for_unicode:2.0:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 2.0.1
    cpe:2.3:a:icu-project:international_components_for_unicode:2.0.1:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 2.0.2
    cpe:2.3:a:icu-project:international_components_for_unicode:2.0.2:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 2.1
    cpe:2.3:a:icu-project:international_components_for_unicode:2.1:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 2.2
    cpe:2.3:a:icu-project:international_components_for_unicode:2.2:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 2.4
    cpe:2.3:a:icu-project:international_components_for_unicode:2.4:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 2.6
    cpe:2.3:a:icu-project:international_components_for_unicode:2.6:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 2.6.1
    cpe:2.3:a:icu-project:international_components_for_unicode:2.6.1:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 2.6.2
    cpe:2.3:a:icu-project:international_components_for_unicode:2.6.2:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 2.8
    cpe:2.3:a:icu-project:international_components_for_unicode:2.8:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 3.0
    cpe:2.3:a:icu-project:international_components_for_unicode:3.0:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 3.2
    cpe:2.3:a:icu-project:international_components_for_unicode:3.2:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 3.2.1
    cpe:2.3:a:icu-project:international_components_for_unicode:3.2.1:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 3.4
    cpe:2.3:a:icu-project:international_components_for_unicode:3.4:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 3.4.1
    cpe:2.3:a:icu-project:international_components_for_unicode:3.4.1:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 3.6
    cpe:2.3:a:icu-project:international_components_for_unicode:3.6:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 3.8
    cpe:2.3:a:icu-project:international_components_for_unicode:3.8:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 3.8.1
    cpe:2.3:a:icu-project:international_components_for_unicode:3.8.1:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 4.0
    cpe:2.3:a:icu-project:international_components_for_unicode:4.0:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 4.0.1
    cpe:2.3:a:icu-project:international_components_for_unicode:4.0.1:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 4.2
    cpe:2.3:a:icu-project:international_components_for_unicode:4.2:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 4.2.0.1
    cpe:2.3:a:icu-project:international_components_for_unicode:4.2.0.1:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 4.4.1
    cpe:2.3:a:icu-project:international_components_for_unicode:4.4.1:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 4.4.2
    cpe:2.3:a:icu-project:international_components_for_unicode:4.4.2:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 4.4.2.1
    cpe:2.3:a:icu-project:international_components_for_unicode:4.4.2.1:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 4.6
    cpe:2.3:a:icu-project:international_components_for_unicode:4.6:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 4.6.1
    cpe:2.3:a:icu-project:international_components_for_unicode:4.6.1:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 4.8
    cpe:2.3:a:icu-project:international_components_for_unicode:4.8:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 4.8.1
    cpe:2.3:a:icu-project:international_components_for_unicode:4.8.1:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 4.8.1.1
    cpe:2.3:a:icu-project:international_components_for_unicode:4.8.1.1:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 49.1
    cpe:2.3:a:icu-project:international_components_for_unicode:49.1:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 49.1.1
    cpe:2.3:a:icu-project:international_components_for_unicode:49.1.1:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 49.1.2
    cpe:2.3:a:icu-project:international_components_for_unicode:49.1.2:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 50.1
    cpe:2.3:a:icu-project:international_components_for_unicode:50.1:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 50.1.1
    cpe:2.3:a:icu-project:international_components_for_unicode:50.1.1:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 50.1.2
    cpe:2.3:a:icu-project:international_components_for_unicode:50.1.2:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 51.1
    cpe:2.3:a:icu-project:international_components_for_unicode:51.1:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 51.2
    cpe:2.3:a:icu-project:international_components_for_unicode:51.2:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 52.1
    cpe:2.3:a:icu-project:international_components_for_unicode:52.1:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 53.1
    cpe:2.3:a:icu-project:international_components_for_unicode:53.1:-:-:-:-:c%2fc%2b%2b
  • ICU Project International Components for Unicode for C/C++ 54.1
    cpe:2.3:a:icu-project:international_components_for_unicode:54.1:-:-:-:-:c%2fc%2b%2b
CVSS
Base: 7.5 (as of 05-04-2016 - 11:04)
Impact:
Exploitability:
CWE CWE-119
CAPEC
  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Client-side Injection-induced Buffer Overflow
    This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
  • Filter Failure through Buffer Overflow
    In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
  • MIME Conversion
    An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.
  • Overflow Binary Resource File
    An attack of this type exploits a buffer overflow vulnerability in the handling of binary resources. Binary resources may include music files like MP3, image files like JPEG files, and any other binary file. These attacks may pass unnoticed to the client machine through normal usage of files, such as a browser loading a seemingly innocent JPEG file. This can allow the attacker access to the execution stack and execute arbitrary code in the target process. This attack pattern is a variant of standard buffer overflow attacks using an unexpected vector (binary files) to wrap its attack and open up a new attack vector. The attacker is required to either directly serve the binary content to the victim, or place it in a locale like a MP3 sharing application, for the victim to download. The attacker then is notified upon the download or otherwise locates the vulnerability opened up by the buffer overflow.
  • Buffer Overflow via Symbolic Links
    This type of attack leverages the use of symbolic links to cause buffer overflows. An attacker can try to create or manipulate a symbolic link file such that its contents result in out of bounds data. When the target software processes the symbolic link file, it could potentially overflow internal buffers with insufficient bounds checking.
  • Overflow Variables and Tags
    This type of attack leverages the use of tags or variables from a formatted configuration data to cause buffer overflow. The attacker crafts a malicious HTML page or configuration file that includes oversized strings, thus causing an overflow.
  • Buffer Overflow via Parameter Expansion
    In this attack, the target software is given input that the attacker knows will be modified and expanded in size during processing. This attack relies on the target software failing to anticipate that the expanded data may exceed some internal limit, thereby creating a buffer overflow.
  • Buffer Overflow in an API Call
    This attack targets libraries or shared code modules which are vulnerable to buffer overflow attacks. An attacker who has access to an API may try to embed malicious code in the API function call and exploit a buffer overflow vulnerability in the function's implementation. All clients that make use of the code library thus become vulnerable by association. This has a very broad effect on security across a system, usually affecting more than one software process.
  • Buffer Overflow in Local Command-Line Utilities
    This attack targets command-line utilities available in a number of shells. An attacker can leverage a vulnerability found in a command-line utility to escalate privilege to root.
Access
Vector   Complexity  Authentication
NETWORK  LOW         NONE
Impact
Confidentiality  Integrity  Availability
PARTIAL          PARTIAL    PARTIAL
exploit-db via4
description ICU library 52 < 54 - Multiple Vulnerabilities. CVE-2014-8146,CVE-2014-8147. Local exploit for Multiple platform
id EDB-ID:43887
last seen 2018-01-25
modified 2015-06-10
published 2015-06-10
reporter Exploit-DB
source https://www.exploit-db.com/download/43887/
title ICU library 52 < 54 - Multiple Vulnerabilities
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2017-1011.NASL
    description icu was updated to fix two security issues. These security issues were fixed : - CVE-2014-8147: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) used an integer data type that is inconsistent with a header file, which allowed remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text (bsc#929629). - CVE-2014-8146: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) did not properly track directionally isolated pieces of text, which allowed remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text (bsc#929629). This update was imported from the SUSE:SLE-12:Update update project.
    last seen 2019-02-21
    modified 2017-09-06
    plugin id 102967
    published 2017-09-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102967
    title openSUSE Security Update : icu (openSUSE-2017-1011)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3323.NASL
    description Several vulnerabilities were discovered in the International Components for Unicode (ICU) library. - CVE-2014-8146 The Unicode Bidirectional Algorithm implementation does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text. - CVE-2014-8147 The Unicode Bidirectional Algorithm implementation uses an integer data type that is inconsistent with a header file, which allows remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text. - CVE-2015-4760 The Layout Engine was missing multiple boundary checks. These could lead to buffer overflows and memory corruption. A specially crafted file could cause an application using ICU to parse untrusted font files to crash and, possibly, execute arbitrary code. Additionally, it was discovered that the patch applied to ICU in DSA-3187-1 for CVE-2014-6585 was incomplete, possibly leading to an invalid memory access. This could allow remote attackers to disclose portion of private memory via crafted font files.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 85162
    published 2015-08-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=85162
    title Debian DSA-3323-1 : icu - security update
  • NASL family Peer-To-Peer File Sharing
    NASL id ITUNES_12_3_0_BANNER.NASL
    description The version of Apple iTunes running on the remote host is prior to 12.3. It is, therefore, affected by multiple vulnerabilities in the WebKit, CoreText, and ICU components, and in the bundled version of the Microsoft Visual Studio C++ Redistributable Package. An attacker can exploit these vulnerabilities to cause a denial of service, execute arbitrary code, or gain access to encrypted SMB credentials. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 86601
    published 2015-10-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86601
    title Apple iTunes < 12.3 Multiple Vulnerabilities (uncredentialed check)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2605-1.NASL
    description Pedro Ribeiro discovered that ICU incorrectly handled certain memory operations when processing data. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 83345
    published 2015-05-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=83345
    title Ubuntu 14.04 LTS / 14.10 / 15.04 : icu vulnerabilities (USN-2605-1)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-273.NASL
    description This update for LibreOffice and some library dependencies (cmis-client, libetonyek, libmwaw, libodfgen, libpagemaker, libreoffice-share-linker, mdds, libwps) fixes the following issues :
    Changes in libreoffice :
    - Provide l10n-pt from pt-PT
    - boo#945047 - LO-L3: LO is duplicating master pages, extended fix
    - boo#951579 - LO-L3: [LibreOffice] Calc 5.0 fails to open ods files
    - deleted RPATH prevented loading of bundled 3rd party RDF handler libs
    - Version update to 5.0.4.2 :
    - Final of the 5.0.4 series
    - boo#945047 - LO-L3: LO is duplicating master pages
    - Version update to 5.0.4.1 :
    - rc1 of 5.0.4 with various regression fixes
    - boo#954345 - LO-L3: Insert-->Image-->Insert as Link hangs writer
    - Version update to 5.0.3.2 :
    - Final tag of 5.0.3 release
    - Fix boo#939996 - LO-L3: Some bits from DOCX file are not imported
    - Fix boo#889755 - LO-L3: PPTX: chart axis number format incorrect
    - boo#679938 - LO-L3: saving to doc file the chapter name in the header does not change with chapters
    - Version update to 5.0.3RC1 as it should fix i586 test failure
    - Update text2number extension to 1.5.0
    - obsolete libreoffice-mono
    - pentaho-flow-reporting require is conditional on system_libs
    - Update icon theme dependencies
    - https://lists.debian.org/debian-openoffice/2015/09/msg00343.html
    - Version bump to 5.0.2 final fate#318856 fate#319071 boo#943075 boo#945692 :
    - Small tweaks compared to rc1
    - For sake of completion this release also contains security fixes for boo#910806 CVE-2014-8147, boo#907636 CVE-2014-9093, boo#934423 CVE-2015-4551, boo#910805 CVE-2014-8146, boo#940838 CVE-2015-5214, boo#936190 CVE-2015-5213, boo#936188 CVE-2015-5212, boo#934423 CVE-2015-45513
    - Use gcc48 to build on sle11sp4
    - Make debuginfo's smaller on IBS.
    - Fix chrpath call after the libs got -lo suffixing
    - Add patch to fix qt4 features detection :
    - kde4filepicker.patch
    - Split out gtk3 UI to separate subpkg that requires gnome subpkg
    - This is to allow people to test gtk3 while it not being default
    - Version update to 5.0.2 rc1 :
    - Various small tweaks and integration of our SLE11 patchsets
    - Update constraints to 30 GB on disk
    - Version bump to 5.0.1 rc2 :
    - breeze icons extension
    - Credits update
    - Various small fixes
    - Version bump to 5.0.1 rc1 :
    - Various small fixes
    - Has some commits around screen rendering -> could fix kde bugs
    - Kill branding-openSUSE, stick to TDF branding.
    - Version bump to 5.0 rc5 :
    - Bunch of final touchups here and there
    - Remove some upstreamed patches :
    - old-cairo.patch
    - Add explicit requires over libmysqlclient_r18, should cover boo#829430
    - Add patch to build with old cairo (sle11).
    - Version bump to 5.0 rc3 :
    - Various more fixes closing on the 5.0 release
    - Update to 5.0 rc2 :
    - Few small fixes and updates in internal libraries
    - Version bump to 5.0 rc1, remove obsolete patches :
    - 0001-Fix-could-not-convert-.-const-char-to-const-rtl-OUS t.patch
    - 0001-writerperfect-fix-gcc-4.7-build.patch
    - More chrpat love for sle11
    - Add python-importlib to build/requirements on py2 distros
    - Provide/obsolete crystal icons so they are purged and not left over
    - Fix breeze icons handling, drop crystal icons.
    - Version bump to 5.0.0.beta3 :
    - Drop merged patch 0001-Make-cpp-poppler-version.h-header-optional.patch
    - Update some internal tarballs so we keep building
    - based on these bumps update the buildrequires too
    - Generate python cache files wrt boo#929793
    - Update %post scriptlets to work on sle11 again
    - Split out the share -> lib linker to hopefully allow sle11 build
    - One more fix for help handling boo#915996
    - Version bump to 4.4.3 release :
    - Various small fixes all around
    - Disable verbose build to pass check on maximal size of log
    - We need pre/post for libreoffice in langpkgs
    - Use old java for detection and old commons-lang/codec to pass brp check on java from sle11
    - 0001-Make-HAVE_JAVA6-be-always-false.patch
    - Revert last changeset, it is caused by something else this time :
    - 0001-Set-source-and-target-params-for-java.patch
    - Set source/target for javac when building to work on SLE11 :
    - 0001-Set-source-and-target-params-for-java.patch
    - Try to deal with rpath on bundled libs
    - Fix python3_sitelib not being around for py2
    - Add internal make for too old system
    - One more stab on poppler switch :
    - 0001-Make-cpp-poppler-version.h-header-optional.patch
    - Update the old-poppler patch to work correctly :
    - 0001-Make-cpp-poppler-version.h-header-optional.patch
    - Sort out more external tarballs for the no-system-libs approach
    - Add basic external tarballs needed for without-system-libraries
    - Add patch to check for poppler more nicely to work on older distros :
    - 0001-Make-cpp-poppler-version.h-header-optional.patch
    - Try to pass configure without system libs
    - Allow switch between py2 and py3
    - Move external dependencies in conditional thus allow build on SLE11
    - Add conditional for noarch subpackages
    - Add switch in configure to detect more of internal/external stuff
    - Add conditional for appdatastore thing and redo it to impact the spec less
    - Add systemlibs switch to be used in attempt to build sle11 build
    - Silence more scary messages by boo#900186
    - Fixes autocorr symlinking
    - Cleans UNO cache in more pretty way
    - Clean up the uno cache removal to not display scary message boo#900186
    - Remove patch to look for help in /usr/share, we symlink it back to lib, so there is no actual need to search for it directly, might fix boo#915996 :
    - officecfg-help-in-usr-share.diff
    - --disable-collada - reportedly it does not work in LibreOffice 4.4
    - added version numbers to some BuildRequires lines
    - Require flow engine too on base
    - Fix build on SLE12 and 13.1 by adding conditional for appdata install
    - Fixup the installed appdata.xml files: they reference a .desktop file that are not installed by libreoffice (boo#926375).
    - Version bump to 4.4.2 :
    - 2nd bugfix update for the 4.4 series
    - BuildRequires: libodfgen-devel >= 0.1
    - added version numbers to some BuildRequires lines
    - build does not require python3-lxml
    - build requires librevenge-devel >= 0.0.1
    - vlc media backend is broken, don't use it. Only gstreamer should be used.
    - Install the .appdata.xml files shipped by upstream: allow LO to be shown in AppStream based software centers.
    - Move pretrans to pre
    - Version bump to 4.4.1 first bugfix release of the series
    - Reduce bit the compilation preparations as we prepped most of the things by _constraints and it is no longer needed
    - %pre is not enough the script needs to be rewritten in lua
    - Move removal of obsolete dirs from %pretrans to %pre boo#916181
    - Version bump to 4.4.0 final :
    - First in the 4.4 series
    - First release to have the new UI elements without old hardcoded sizes
    - Various improvements all around.
    - Version bump to 4.4.0rc2 :
    - Various bugfixes, just bumping to see if we still build fine.
    - That verbose switch for configure was really really bad idea
    - generic images.zip for galaxy icons seem gone so remove
    - Do not supplement kde3 stuff, it is way beyond obsolete
    - Remove vlc conditional
    - korea.xcd is no more so remove
    - Really use mergelib
    - Disable telepathy, it really is experimental like hell
    - Version bump to 4.4.0rc1 :
    - New 4.4 branch release with additional features
    - Enable collada :
    - New bundled collada2gltf tarball: 4b87018f7fff1d054939d19920b751a0-collada2gltf-master-cb1 d97788a.tar.bz2
    - Remove erroneous self-obsolete in lang pkgs.
    - Version bump to 4.3.3.2 :
    - Various bugfixes from maintenance branch to copy openSUSE.
    - Also contains fix for boo#900214 and boo#900218 CVE-2014-3693
    - fix regression in bullets (boo#897903).
    - Add masterpage_style_parent.odp as new file for regression test for bullets.
    Changes in cmis-client :
    - Update to version 0.5.0
    + Completely removed the dependency on InMemory server for unit tests
    + Minimized the number of HTTP requests sent by SessionFactory::createSession
    + Added Session::getBaseTypes()
    - Bump soname to 0_5-5
    - Bump incname to 0.5
    Changes in libetonyek :
    - Version bump to 0.1.3 :
    - Various small fixes
    - More imported now imported
    - Now use mdds to help with some hashing
    - Version bump to 0.1.2 :
    - Initial support for pages and numbers
    - Ditch libetonyek-0.1.1-constants.patch as we do not require us to build for older boost
    Changes in libmwaw :
    - Version bump to 0.3.6 :
    - Added a minimal parser for ApplePict v1.v2, ie. no clipping, does not take in account the copy mode: srcCopy, srcOr, ...
    - Extended the --with-docs configure option to allow to build doc only for the API classes: --with-docs=no|api|full .
    - Added a parser for MacDraft v4-v5 documents.
    - RagTime v5-v6 parser: try to retrieve the main layouts and the picture/shape/textbox, ie. now, it generates result but it is still very incomplete...
    - MWAW{Graphic,Presentation,Text}Listener: corrected a problem in openGroup which may create to incorrect document.
    - Created an MWAWEmbeddedObject class to store a picture with various representations.
    - MWAW*Listener: renamed insertPicture to insertShape, added a function to insert a textbox in a MWAWGraphicShape (which only insert a basic textbox).
    - Fixed many crashes and hangs when importing broken files, found with the help of american-fuzzy-lop.
    - And several other minor fixes and improvements.
    - Version bump to 0.3.5
    - Various small fixes on 0.3 series, nothing big worth mention
    Changes in libodfgen :
    - Version bump to 0.1.4 :
    - drawing interface: do not forget to call startDocument/endDocument when writing in the manifest
    - metadata: added handler for 'template' metadata, unknown metadata are written in a meta:user-defined elements,
    - defineSheetNumberingStyle: can now define styles for the whole document (and not only for the actual sheet)
    - update doxygen configuration file + add a make astyle command
    - Allow writing meta:creation-date metadata element for drawings and presentations too.
    - Improve handling of headings. Most importantly, write valid ODF.
    - Write meta:generator metadata element.
    - Add initial support for embedded fonts. It is currently limited to Flat ODF output.
    - Upgrade to version 0.1.2
    - Use text:h element for headings. Any paragraph with text:outline-level property is recognized as a heading.
    - Handle layers.
    - Improve handling of styles. Particularly, do not emit duplicate styles.
    - Slightly improve documentation.
    - Handle master pages.
    - Do not expect that integer properties are always in inches.
    - Fix misspelled style:paragraph-properties element in presentation notes.
    - Only export public symbols on Linux.
    - Fix bogus XML-escaping of metadata values.
    - And many other improvements and fixes.
    Changes in libpagemaker :
    - Initial package based on upstream libpagemaker 0.0.2
    Changes in libreoffice-share-linker :
    - Initial commit, split out from main libreoffice package to workaround issues on SLE11 build
    Changes in mdds :
    - Update to version 0.12.1 :
    - Various small fixes on 0.12 series
    - Just move define up and comment why we redefine docdir
    - more types are possible in segment_tree data structures (previously only pointers were possible)
    - added sorted_string_map
    - multi_type_vector bugfixes
    Changes in libwps :
    - Update to version 0.4.1 :
    + QuattroPro: correct a mistake when reading negative cell's position.
    + Fix some Windows build problems.
    + Fix more than 10 hangs when reading damaged files, found with the help of american-fuzzy-lop.
    + Performance: improve the sheet's output generation.
    + add support for unknown encoding files (ie. DOS file)
    + add potential support for converting Lotus, ... documents,
    + accept to convert all Lotus Wk1 files and Symphony Wk1 files,
    + add support for Lotus Wk3 and Wk4 documents,
    + add support for Quattro Pro Wq1 and Wq2 documents,
    + only in debug mode, add pre-support for Lotus Wk5..., must allow to retrieve the main sheets content's with no formatting,
    + add potential support for asking the document's password ( but do nothing )
    + correct some compiler warnings when compiling in debug mode.
    + Fix parsing of floating-point numbers in specific cases.
    + Fix several minor issues reported by Coverity and Clang.
    + Check arguments of public functions. Passing NULL no longer causes a crash.
    + Use symbol visibility on Linux. The library only exports the public functions now.
    + Import @TERM and @CTERM functions (fdo#86241).
    + Handle LICS character encoding in spreadsheets (fdo#87222).
    + Fix a crash when reading a broken file, found with the help of american-fuzzy-lop.
    last seen 2019-02-21
    modified 2016-02-29
    plugin id 89016
    published 2016-02-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89016
    title openSUSE Security Update : LibreOffice and related libraries (openSUSE-2016-273)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2015-1915-1.NASL
    description This update brings LibreOffice to version 5.0.2, a major version update. It brings lots of new features, bugfixes and also security fixes. Features as seen on http://www.libreoffice.org/discover/new-features/ - LibreOffice 5.0 ships an impressive number of new features for its spreadsheet module, Calc: complex formulae image cropping, new functions, more powerful conditional formatting, table addressing and much more. Calc's blend of performance and features makes it an enterprise-ready, heavy duty spreadsheet application capable of handling all kinds of workload for an impressive range of use cases - New icons, major improvements to menus and sidebar : no other LibreOffice version has looked that good and helped you be creative and get things done the right way. In addition, style management is now more intuitive thanks to the visualization of styles right in the interface. - LibreOffice 5 ships with numerous improvements to document import and export filters for MS Office, PDF, RTF, and more. You can now timestamp PDF documents generated with LibreOffice and enjoy enhanced document conversion fidelity all around. The Pentaho Flow Reporting Engine is now added and used. Security issues fixed : - CVE-2014-8146: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 did not properly track directionally isolated pieces of text, which allowed remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text. 
- CVE-2014-8147: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 used an integer data type that is inconsistent with a header file, which allowed remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text. - CVE-2015-4551: An arbitrary file disclosure vulnerability in LibreOffice and OpenOffice Calc and Writer was fixed. - CVE-2015-1774: The HWP filter in LibreOffice allowed remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggered an out-of-bounds write. - CVE-2015-5212: A LibreOffice 'PrinterSetup Length' integer underflow vulnerability could be used by attackers supplying documents to execute code as the user opening the document. - CVE-2015-5213: A LibreOffice 'Piece Table Counter' invalid check design error vulnerability allowed attackers supplying documents to execute code as the user opening the document. - CVE-2015-5214: Multiple Vendor LibreOffice Bookmark Status Memory Corruption Vulnerability allowed attackers supplying documents to execute code as the user opening the document. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 86757
    published 2015-11-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86757
    title SUSE SLED12 / SLES12 Security Update : Recommended update for LibreOffice (SUSE-SU-2015:1915-1)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2015-953.NASL
    description Qt 5 was updated to the 5.5.1 release to deliver upstream improvements and fixes to Qt functionality. The following Security fixes are contained in QtWebEngineCore : - ICU: CVE-2014-8146, CVE-2014-8147 - Blink: CVE-2015-1284, CVE-2015-1291, CVE-2015-1292 - Skia: CVE-2015-1294 - V8: CVE-2015-1290 The following packages were rebuilt because they use private headers : - calibre - fcitx-qt5 - frameworkintegration - kwayland - kwin5 - lxqt-powermanagement - lxqt-qtplugin
    last seen 2019-02-21
    modified 2018-02-05
    plugin id 87627
    published 2015-12-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87627
    title openSUSE Security Update : Qt 5 (openSUSE-2015-953)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_11.NASL
    description The remote host is running a version of Mac OS X that is 10.6.8 or later but prior to 10.11. It is, therefore, affected by multiple vulnerabilities in the following components : - Address Book - AirScan - apache_mod_php - Apple Online Store Kit - AppleEvents - Audio - bash - Certificate Trust Policy - CFNetwork Cookies - CFNetwork FTPProtocol - CFNetwork HTTPProtocol - CFNetwork Proxies - CFNetwork SSL - CoreCrypto - CoreText - Dev Tools - Disk Images - dyld - EFI - Finder - Game Center - Heimdal - ICU - Install Framework Legacy - Intel Graphics Driver - IOAudioFamily - IOGraphics - IOHIDFamily - IOStorageFamily - Kernel - libc - libpthread - libxpc - Login Window - lukemftpd - Mail - Multipeer Connectivity - NetworkExtension - Notes - OpenSSH - OpenSSL - procmail - remote_cmds - removefile - Ruby - Safari - Safari Downloads - Safari Extensions - Safari Safe Browsing - Security - SMB - SQLite - Telephony - Terminal - tidy - Time Machine - WebKit - WebKit CSS - WebKit JavaScript Bindings - WebKit Page Loading - WebKit Plug-ins Note that successful exploitation of the most serious issues can result in arbitrary code execution.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 86270
    published 2015-10-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86270
    title Mac OS X < 10.11 Multiple Vulnerabilities (GHOST)
  • NASL family Windows
    NASL id ITUNES_12_3_0.NASL
    description The version of Apple iTunes installed on the remote Windows host is prior to 12.3. It is, therefore, affected by multiple vulnerabilities in the bundled versions of WebKit, CoreText, the Microsoft Visual Studio C++ Redistributable Package, and ICU. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 86001
    published 2015-09-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86001
    title Apple iTunes < 12.3 Multiple Vulnerabilities (credentialed check)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-2318-1.NASL
    description icu was updated to fix two security issues. These security issues were fixed : - CVE-2014-8147: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) used an integer data type that is inconsistent with a header file, which allowed remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text (bsc#929629). - CVE-2014-8146: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) did not properly track directionally isolated pieces of text, which allowed remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text (bsc#929629). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-30
    plugin id 102912
    published 2017-09-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102912
    title SUSE SLED12 / SLES12 Security Update : icu (SUSE-SU-2017:2318-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-0324-1.NASL
    description This update brings LibreOffice to version 5.0.4, a major version update. It brings lots of new features, bug fixes and also security fixes. Features as seen on http://www.libreoffice.org/discover/new-features/ - LibreOffice 5.0 ships an impressive number of new features for its spreadsheet module, Calc: complex formulae image cropping, new functions, more powerful conditional formatting, table addressing and much more. Calc's blend of performance and features makes it an enterprise-ready, heavy duty spreadsheet application capable of handling all kinds of workload for an impressive range of use cases - New icons, major improvements to menus and sidebar : no other LibreOffice version has looked that good and helped you be creative and get things done the right way. In addition, style management is now more intuitive thanks to the visualization of styles right in the interface. - LibreOffice 5 ships with numerous improvements to document import and export filters for MS Office, PDF, RTF, and more. You can now timestamp PDF documents generated with LibreOffice and enjoy enhanced document conversion fidelity all around. The Pentaho Flow Reporting Engine is now added and used. Security issues fixed : - CVE-2014-8146: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 did not properly track directionally isolated pieces of text, which allowed remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text. 
- CVE-2014-8147: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 used an integer data type that is inconsistent with a header file, which allowed remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text. - CVE-2015-4551: An arbitrary file disclosure vulnerability in LibreOffice and OpenOffice Calc and Writer was fixed. - CVE-2015-5212: A LibreOffice 'PrinterSetup Length' integer underflow vulnerability could be used by attackers supplying documents to execute code as the user opening the document. - CVE-2015-5213: A LibreOffice 'Piece Table Counter' invalid check design error vulnerability allowed attackers supplying documents to execute code as the user opening the document. - CVE-2015-5214: Multiple Vendor LibreOffice Bookmark Status Memory Corruption Vulnerability allowed attackers supplying documents to execute code as the user opening the document. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 88575
    published 2016-02-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88575
    title SUSE SLED11 Security Update : Recommended update for LibreOffice (SUSE-SU-2016:0324-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-1401-2.NASL
    description icu was updated to fix two security issues. These security issues were fixed : CVE-2014-8147: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) used an integer data type that is inconsistent with a header file, which allowed remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text (bsc#929629). CVE-2014-8146: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) did not properly track directionally isolated pieces of text, which allowed remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text (bsc#929629). CVE-2016-6293: The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) for C/C++ did not ensure that there is a '\0' character at the end of a certain temporary array, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument (bsc#990636). 
CVE-2017-7868: International Components for Unicode (ICU) for C/C++ 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function (bsc#1034674) CVE-2017-7867: International Components for Unicode (ICU) for C/C++ 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function (bsc#1034678) CVE-2017-14952: Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ allowed remote attackers to execute arbitrary code via a crafted string, aka a 'redundant UVector entry clean up function call' issue (bnc#1067203) CVE-2017-17484: The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp in International Components for Unicode (ICU) for C/C++ mishandled ucnv_convertEx calls for UTF-8 to UTF-8 conversion, which allowed remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted string, as demonstrated by ZNC (bnc#1072193) CVE-2017-15422: An integer overflow in icu during Persian calendar date processing could lead to incorrect years shown (bnc#1077999) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 118258
    published 2018-10-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118258
    title SUSE SLES12 Security Update : icu (SUSE-SU-2018:1401-2)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201507-04.NASL
    description The remote host is affected by the vulnerability described in GLSA-201507-04 (International Components for Unicode: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in International Components for Unicode. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could execute arbitrary code with the privileges of the process or cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2015-10-05
    plugin id 84603
    published 2015-07-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=84603
    title GLSA-201507-04 : International Components for Unicode: Multiple vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-1401-1.NASL
    description icu was updated to fix two security issues. These security issues were fixed : - CVE-2014-8147: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) used an integer data type that is inconsistent with a header file, which allowed remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text (bsc#929629). - CVE-2014-8146: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) did not properly track directionally isolated pieces of text, which allowed remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text (bsc#929629). - CVE-2016-6293: The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) for C/C++ did not ensure that there is a '\0' character at the end of a certain temporary array, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument (bsc#990636). 
- CVE-2017-7868: International Components for Unicode (ICU) for C/C++ 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function (bsc#1034674) - CVE-2017-7867: International Components for Unicode (ICU) for C/C++ 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function (bsc#1034678) - CVE-2017-14952: Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ allowed remote attackers to execute arbitrary code via a crafted string, aka a 'redundant UVector entry clean up function call' issue (bnc#1067203) - CVE-2017-17484: The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp in International Components for Unicode (ICU) for C/C++ mishandled ucnv_convertEx calls for UTF-8 to UTF-8 conversion, which allowed remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted string, as demonstrated by ZNC (bnc#1072193) - CVE-2017-15422: An integer overflow in icu during Persian calendar date processing could lead to incorrect years shown (bnc#1077999) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 110093
    published 2018-05-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=110093
    title SUSE SLED12 / SLES12 Security Update : icu (SUSE-SU-2018:1401-1)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2018-517.NASL
    description icu was updated to fix two security issues. These security issues were fixed : - CVE-2014-8147: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) used an integer data type that is inconsistent with a header file, which allowed remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text (bsc#929629). - CVE-2014-8146: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) did not properly track directionally isolated pieces of text, which allowed remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text (bsc#929629). - CVE-2016-6293: The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) for C/C++ did not ensure that there is a '\0' character at the end of a certain temporary array, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument (bsc#990636). 
- CVE-2017-7868: International Components for Unicode (ICU) for C/C++ 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function (bsc#1034674) - CVE-2017-7867: International Components for Unicode (ICU) for C/C++ 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function (bsc#1034678) - CVE-2017-14952: Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ allowed remote attackers to execute arbitrary code via a crafted string, aka a 'redundant UVector entry clean up function call' issue (bnc#1067203) - CVE-2017-17484: The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp in International Components for Unicode (ICU) for C/C++ mishandled ucnv_convertEx calls for UTF-8 to UTF-8 conversion, which allowed remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted string, as demonstrated by ZNC (bnc#1072193) - CVE-2017-15422: An integer overflow in icu during Persian calendar date processing could lead to incorrect years shown (bnc#1077999) This update was imported from the SUSE:SLE-12:Update update project.
    last seen 2019-02-21
    modified 2018-05-25
    plugin id 110107
    published 2018-05-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=110107
    title openSUSE Security Update : icu (openSUSE-2018-517)
refmap via4
apple
  • APPLE-SA-2015-09-16-1
  • APPLE-SA-2015-09-16-3
  • APPLE-SA-2015-09-21-1
  • APPLE-SA-2015-09-30-3
bid 74457
cert-vn VU#602540
confirm
debian DSA-3323
fulldisc 20150505 [CVE-2014-8146/8147] - ICU heap and integer overflows / I-C-U-FAIL
gentoo GLSA-201507-04
misc https://raw.githubusercontent.com/pedrib/PoC/master/generic/i-c-u-fail.txt
mlist [oss-security] 20150505 [CVE-2014-8146/8147] - ICU heap and integer overflows / I-C-U-FAIL
Last major update 21-12-2016 - 21:59
Published 25-05-2015 - 18:59
Last modified 18-01-2018 - 17:45