icu-3.6-5.11.4
エラータID: AXSA:2009-73:02
リリース日:
2009/07/09 Thursday - 11:30
題名:
icu-3.6-5.11.4
影響のあるチャネル:
Asianux Server 3 for x86_64
Asianux Server 3 for x86
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- Apple Mac OS X の International Components for Unicode (ICU) には、無効なバイトシーケンスの Unicode 変換を正しく処理しないため、クロスサイトスクリプティングを誘導される脆弱性が存在します。(CVE-2009-0153)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2009-0153
International Components for Unicode (ICU) 4.0, 3.6, and other 3.x versions, as used in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Fedora 9 and 10, and possibly other operating systems, does not properly handle invalid byte sequences during Unicode conversion, which might allow remote attackers to conduct cross-site scripting (XSS) attacks.
International Components for Unicode (ICU) 4.0, 3.6, and other 3.x versions, as used in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Fedora 9 and 10, and possibly other operating systems, does not properly handle invalid byte sequences during Unicode conversion, which might allow remote attackers to conduct cross-site scripting (XSS) attacks.
追加情報:
N/A
ダウンロード:
SRPMS
- icu-3.6-5.11.4.src.rpm
MD5: 018c90ec3acb27199f39a3a04bfb745d
SHA-256: 7762a2b954f2abc1c31bc8587f9b0d316a20b3ffa766e3aa520c5b40079d5ffb
Size: 9.41 MB
Asianux Server 3 for x86
- libicu-3.6-5.11.4.i386.rpm
MD5: 3e248ee66b9c04b94679c1b21eda29ac
SHA-256: e2371bc2f1e2021508ae1e7dff8627847938169ae6a9b7435d8823fd3d87ca3a
Size: 5.18 MB
Asianux Server 3 for x86_64
- libicu-3.6-5.11.4.x86_64.rpm
MD5: c300e6ec3870b3b20376bceb0c8463b3
SHA-256: 25c6d699a49003c2815cd1d0cc08c3d23d725235d87a3ce8282b9e28a129fd3e
Size: 5.15 MB