FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

icu -- multiple vulnerabilities

Affected packages
icu < 59.0,1
linux-c6-icu < 59.0
linux-c7-icu < 59.0

Details

VuXML ID 607f8b57-7454-42c6-a88a-8706f327076d
Discovery 2017-01-21
Entry 2017-04-20
Modified 2017-04-20

NVD reports:

International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function.

International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.

References

CVE Name CVE-2017-7867
CVE Name CVE-2017-7868
URL http://bugs.icu-project.org/trac/changeset/39671
URL https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=437