icu: CVE-2017-14952 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Ovidiu Panait <ovidiu.panait@windriver.com>	2017-11-10 17:46:10 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2017-12-04 17:23:59 +0000
commit	c6d473f460f1eb7f6605057e10b12cab2ab78f5f (patch)
tree	f8374446601443d6b2c98da3fda64271b1e44613 /meta/recipes-kernel
parent	7104d48590ce672a657fcf51d8c3902a6cd14549 (diff)
download	poky-c6d473f460f1eb7f6605057e10b12cab2ab78f5f.tar.gz

icu: CVE-2017-14952

Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector entry clean up function call" issue. Reference: https://nvd.nist.gov/vuln/detail/CVE-2017-14952 Upstream patches: http://bugs.icu-project.org/trac/changeset/40324/trunk/icu4c/source/i18n/zonemeta.cpp (From OE-Core rev: 16006869e30395dd758a1797e324567ec4f8e074) Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit 4ff12a8bf2b8d094085afbe8fa1d43f781cfa79d) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-kernel')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: