[3.3] icu: Uninitialized memory read fixed in Chrome 44.0.2403.89 (CVE-2015-1270)
The ucnv_io_getConverterName function in common/ucnv_io.cpp in International Components for Unicode (ICU), as used in Google Chrome before 44.0.2403.89, mishandles converter names with initial x- substrings, which allows remote attackers to cause a denial of service (read of uninitialized memory) or possibly have unspecified other impact via a crafted file.
References
https://security-tracker.debian.org/tracker/CVE-2015-1270
http://bugs.icu-project.org/trac/ticket/11696
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-1270
Patch
http://bugs.icu-project.org/trac/changeset/37486/
(from redmine: issue id 4678, created on 2015-09-29, closed on 2015-10-12)
- Relations:
  - copied_to #4679 (closed)
  - parent #4677 (closed)
- Changesets:
  - Revision 4979be8d by Natanael Copa on 2015-10-12T07:39:43Z:
    main/icu: security fix for CVE-2015-1270
    ref #4677
    fixes #4678