CentOS Local Security Checks : CentOS: Security Advisory for icu (CESA-2020:0897)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.883202

Categoría: CentOS Local Security Checks

Título: CentOS: Security Advisory for icu (CESA-2020:0897)

Resumen: The remote host is missing an update for the 'icu'; package(s) announced via the CESA-2020:0897 advisory.

Descripción: Summary:
The remote host is missing an update for the 'icu'
package(s) announced via the CESA-2020:0897 advisory.

Vulnerability Insight:
The International Components for Unicode (ICU) library provides robust and
full-featured Unicode services.

Security Fix(es):

* ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Affected Software/OS:
'icu' package(s) on CentOS 7.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2020-10531
Debian Security Information: DSA-4646 (Google Search)
https://www.debian.org/security/2020/dsa-4646
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4OOYAMJVLLCLXDTHW3V5UXNULZBBK4O6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/
https://security.gentoo.org/glsa/202003-15
https://bugs.chromium.org/p/chromium/issues/detail?id=1044570
https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html
https://chromium.googlesource.com/chromium/deps/icu/+/9f4020916eb1f28f3666f018fdcbe6c9a37f0e08
https://github.com/unicode-org/icu/commit/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca
https://github.com/unicode-org/icu/pull/971
https://unicode-org.atlassian.net/browse/ICU-20958
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://lists.debian.org/debian-lts-announce/2020/03/msg00024.html
RedHat Security Advisories: RHSA-2020:0738
https://access.redhat.com/errata/RHSA-2020:0738
SuSE Security Announcement: openSUSE-SU-2020:0459 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00004.html
https://usn.ubuntu.com/4305-1/

Copyright Copyright (C) 2020 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.883202
Categoría:	CentOS Local Security Checks
Título:	CentOS: Security Advisory for icu (CESA-2020:0897)
Resumen:	The remote host is missing an update for the 'icu'; package(s) announced via the CESA-2020:0897 advisory.
Descripción:	Summary: The remote host is missing an update for the 'icu' package(s) announced via the CESA-2020:0897 advisory. Vulnerability Insight: The International Components for Unicode (ICU) library provides robust and full-featured Unicode services. Security Fix(es): * ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Affected Software/OS: 'icu' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-10531 Debian Security Information: DSA-4646 (Google Search) https://www.debian.org/security/2020/dsa-4646 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4OOYAMJVLLCLXDTHW3V5UXNULZBBK4O6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/ https://security.gentoo.org/glsa/202003-15 https://bugs.chromium.org/p/chromium/issues/detail?id=1044570 https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html https://chromium.googlesource.com/chromium/deps/icu/+/9f4020916eb1f28f3666f018fdcbe6c9a37f0e08 https://github.com/unicode-org/icu/commit/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca https://github.com/unicode-org/icu/pull/971 https://unicode-org.atlassian.net/browse/ICU-20958 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujan2021.html https://lists.debian.org/debian-lts-announce/2020/03/msg00024.html RedHat Security Advisories: RHSA-2020:0738 https://access.redhat.com/errata/RHSA-2020:0738 SuSE Security Announcement: openSUSE-SU-2020:0459 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00004.html https://usn.ubuntu.com/4305-1/
Copyright	Copyright (C) 2020 Greenbone Networks GmbH