blob: da59933a446e85559c1ec2de68b3e3c2077e773d (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
<define-tag description>LTS security update</define-tag>
<define-tag moreinfo>
<p>A vulnerability has been found in the International Components
for Unicode (ICU) library:</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2015-4760">CVE-2015-4760</a>
<p>It was discovered that ICU Layout Engine was missing multiple
boundary checks. These could lead to buffer overflows and memory
corruption. A specially crafted file could cause an application
using ICU to parse untrusted font files to crash and, possibly,
execute arbitrary code.</p></li>
</ul>
<p>For the squeeze distribution, these issues have been fixed in version
4.4.1-8+squeeze4 of icu.</p>
<p>We recommend to upgrade your icu packages.</p>
</define-tag>
# do not modify the following line
#include "$(ENGLISHDIR)/lts/security/2015/dla-283.data"
# $Id$
|
