Oval Definition:oval:com.redhat.rhsa:def:20080090
Revision Date:2008-01-28Version:637
Title:RHSA-2008:0090: icu security update (Important)
Description:The International Components for Unicode (ICU) library provides robust and full-featured Unicode services.

  • Will Drewry reported multiple flaws in the way libicu processed certain malformed regular expressions. If an application linked against ICU, such as OpenOffice.org, processed a carefully crafted regular expression, it may be possible to execute arbitrary code as the user running the application. (CVE-2007-4770, CVE-2007-4771)

    All users of icu should upgrade to these updated packages, which contain backported patches to resolve these issues.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2007-4770
    CVE-2007-4771
    RHSA-2008:0090
    RHSA-2008:0090-01
    RHSA-2008:0090-01
    Platform(s):Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • icu is earlier than 0:3.6-5.11.1
  • AND icu is signed with Red Hat redhatrelease2 key
  • libicu is earlier than 0:3.6-5.11.1
  • AND libicu is signed with Red Hat redhatrelease2 key
  • libicu-devel is earlier than 0:3.6-5.11.1
  • AND libicu-devel is signed with Red Hat redhatrelease2 key
  • libicu-doc is earlier than 0:3.6-5.11.1
  • AND libicu-doc is signed with Red Hat redhatrelease2 key
    • BACK