Amazon Linux 1 Security Advisory: ALAS-2012-33
Advisory Release Date: 2012-01-09 09:18 Pacific
Advisory Updated Date: 2014-09-14 15:10 Pacific
A stack-based buffer overflow flaw was found in the way ICU performed variant canonicalization for some locale identifiers. If a specially-crafted locale representation was opened in an application linked against ICU, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2011-4599)
Affected Packages:
icu
Issue Correction:
Run yum update icu to update your system.
i686:
libicu-4.2.1-9.9.amzn1.i686
icu-4.2.1-9.9.amzn1.i686
libicu-devel-4.2.1-9.9.amzn1.i686
icu-debuginfo-4.2.1-9.9.amzn1.i686
noarch:
libicu-doc-4.2.1-9.9.amzn1.noarch
src:
icu-4.2.1-9.9.amzn1.src
x86_64:
icu-debuginfo-4.2.1-9.9.amzn1.x86_64
libicu-4.2.1-9.9.amzn1.x86_64
libicu-devel-4.2.1-9.9.amzn1.x86_64
icu-4.2.1-9.9.amzn1.x86_64