icu: Stack-based buffer overflow in locid.cpp (CVE-2016-7415)
Stack-based buffer overflow in the Locale class in common/locid.cpp in
International Components for Unicode (ICU) through 57.1 for C/C++ allows
remote attackers to cause a denial of service (application crash) or
possibly have unspecified other impact via a long locale string.
Fixed In Version:
icu 58.1
References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7415
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7415
Upstream bug (private):
http://bugs.icu-project.org/trac/ticket/12745
No patch available.
(from redmine: issue id 6547, created on 2016-12-19, closed on 2016-12-29)
- Relations:
- child #6548 (closed)
- child #6549 (closed)
- child #6550 (closed)
- child #6551 (closed)