Secunia - Stay Secure
Gartner
Home Corporate Website Jobs Mailing Lists RSS Blog Advertise
Software Inspectors
  Scan Online
  Personal (PSI)
  Network (NSI 2.0)

Solutions For
  Security Professionals
  Security Vendors

Free Solutions For
  Open Communities
  Journalists & Media

Secunia Advisories
  Search
  Historic Advisories
  Listed By Product
  Listed By Vendor
  Statistics / Graphs
  Secunia Research
  Report Vulnerability
  About Advisories

Virus Information
  Chronological List
  Last 10 Virus Alerts
  About Virus Information

Secunia Customers
  Customer Area


Debian update for libicu Advisory Available in German 

Secunia Advisory: SA29194  
Release Date: 2008-03-04

Critical:
Moderately critical
Impact: DoS
System access
Where: From remote
Solution Status: Vendor Patch

OS:Debian GNU/Linux 4.0
Debian GNU/Linux unstable alias sid


CVE reference:CVE-2007-4770 (Secunia mirror)
CVE-2007-4771 (Secunia mirror)
Want to know the next time vulnerabilities are fixed in this product?
- Companies can be alerted via email and SMS!


Description:
Debian has issued an update for libicu. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.

For more information:
SA28575

Solution:
Apply updated packages.

-- Debian GNU/Linux 4.0 alias etch --

Source archives:

http://security.debian.org/pool/updates/main/i/icu/icu_3.6.orig.tar.gz
Size/MD5 checksum:9778863 0f1bda1992b4adca62da68a7ad79d830
http://security.debian.org/pool/updates/main/i/icu/icu_3.6-2etch1.dsc
Size/MD5 checksum:591 13dcea6b1c9a282147b99c4867db6ee8
http://security.debian.org/pool/updates/main/i/icu/icu_3.6-2etch1.diff.gz
Size/MD5 checksum: 9552 82e560098b24b245872b163a522a80b8

Architecture independent packages:

http://security.debian.org/pool/updates/main/i/icu/icu-doc_3.6-2etch1_all.deb
Size/MD5 checksum:3332194 5da76263265814905245b97daec4c1c3

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updat...icu/libicu36-dev_3.6-2etch1_alpha.deb
Size/MD5 checksum:7028746 b6b13d0fa262501923c97a859b400d10
http://security.debian.org/pool/updates/main/i/icu/libicu36_3.6-2etch1_alpha.deb
Size/MD5 checksum:5581984 0cd37ce9f234b9207accc424dc191f49

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updat...icu/libicu36-dev_3.6-2etch1_amd64.deb
Size/MD5 checksum:6585582 9fe0ee74625a985628c9af096dd13827
http://security.debian.org/pool/updates/main/i/icu/libicu36_3.6-2etch1_amd64.deb
Size/MD5 checksum:5444228 250851db4a613e9a5d0029d73c1196c0

arm architecture (ARM)

http://security.debian.org/pool/updat...i/icu/libicu36-dev_3.6-2etch1_arm.deb
Size/MD5 checksum:6631114 a73ff442415ca3bc336f1fb49e3aa701
http://security.debian.org/pool/updates/main/i/icu/libicu36_3.6-2etch1_arm.deb
Size/MD5 checksum:5458358 c6d533fd7c1c51efbac58d2a96a386fb

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updat.../icu/libicu36-dev_3.6-2etch1_hppa.deb
Size/MD5 checksum:7090294 aadca0bc8fb9307ea7fe293406a10e5f
http://security.debian.org/pool/updates/main/i/icu/libicu36_3.6-2etch1_hppa.deb
Size/MD5 checksum:5909956 07bd8e6c733072fca8b96cc10e210a68

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/i/icu/libicu36_3.6-2etch1_i386.deb
Size/MD5 checksum:5468656 532aa02d6d67d4b6527ac8c29c9d110e
http://security.debian.org/pool/updat.../icu/libicu36-dev_3.6-2etch1_i386.deb
Size/MD5 checksum:6465540 bfd4d908b552bba2d871771f86369ec7

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updat.../icu/libicu36-dev_3.6-2etch1_ia64.deb
Size/MD5 checksum:7238880 10b410fcd460e47c3619de88167b74f5
http://security.debian.org/pool/updates/main/i/icu/libicu36_3.6-2etch1_ia64.deb
Size/MD5 checksum:5865536 dbc0ec913f08682cec4f1b75d35e0531

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updat.../icu/libicu36-dev_3.6-2etch1_mips.deb
Size/MD5 checksum:7047506 c0b327e8229d1d4d33131453cdac6508
http://security.debian.org/pool/updates/main/i/icu/libicu36_3.6-2etch1_mips.deb
Size/MD5 checksum:5748172 126a2f0bb4b61cc54d70edb882191576

powerpc architecture (PowerPC)

http://security.debian.org/pool/updat...i/icu/libicu36_3.6-2etch1_powerpc.deb
Size/MD5 checksum:5747754 8bc631ad394a86e11c24c5b9ffd76f1d
http://security.debian.org/pool/updat...u/libicu36-dev_3.6-2etch1_powerpc.deb
Size/MD5 checksum:6888906 c5542d6d957327fd6f540029f4195772

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/i/icu/libicu36_3.6-2etch1_s390.deb
Size/MD5 checksum:5776762 16a114247a39201f3966ff4f22b80342
http://security.debian.org/pool/updat.../icu/libicu36-dev_3.6-2etch1_s390.deb
Size/MD5 checksum:6895102 15624240d20d2e0aa7a29bbc90895908

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/i/icu/libicu36_3.6-2etch1_sparc.deb
Size/MD5 checksum:5671256 2c7a50b1fe50dbe4b3ef8995d91e5946
http://security.debian.org/pool/updat...icu/libicu36-dev_3.6-2etch1_sparc.deb
Size/MD5 checksum:6771832 84a95a10934106c8cfc409032191de98

-- Debian GNU/Linux unstable alias sid --

Fixed in version 3.8-6.

Original Advisory:
http://www.us.debian.org/security/2008/dsa-1511

Other References:
SA28575:
http://secunia.com/advisories/28575/


Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

1165 Related Secunia Security Advisories, displaying 10

1. Debian update for gforge
2. Debian update for openssh
3. Debian OpenSSL Predictable Random Number Generator and Update
4. Debian update for kernel
5. Debian update for rdesktop
6. Debian update for php5
7. Debian update for kazehakase
8. Debian update for blender
9. Debian update for b2evolution
10. Debian update for cacti

Show all related advisories


Send Feedback to Secunia

If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.








Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Do you think it's important to read Setup/User Guides for applications for use within your network?


See Results   


Most Popular Advisories

1.
Model Search "cat" SQL Injection Vulnerability
2.
68 Classifieds "cat" SQL Injection Vulnerability
3.
Drupal Site Documentation Module Information Disclosure
4.
Symantec Altiris Deployment Solution Multiple Vulnerabilities
5.
Pet Grooming Management System "useradded.php" Security Bypass
6.
e107 BLOG Engine Plugin "rid" SQL Injection
7.
W1L3D4 Philboard Multiple SQL Injection Vulnerabilities
8.
Kostenloses Linkmanagements cript Multiple Vulnerabilities
9.
Oracle Application Server Portal Authentication Bypass
10.
Rantx "logininfo" Security Bypass Vulnerability





Vulnerability Management - Terms & Conditions - Copyright 2002-2008 Secunia - Compliance - Contact Secunia