{"id":"MGASA-2017-0411","summary":"Updated icu packages fix security vulnerability","details":"Updated icu packages fix security vulnerability:\n\nDouble free in i18n/zonemeta.cpp in International Components for Unicode\n(ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary\ncode via a crafted string, aka a \"redundant UVector entry clean up function\ncall\" issue (CVE-2017-14952).\n","modified":"2026-04-16T01:46:40.780596342Z","published":"2017-11-16T08:36:22Z","upstream":["CVE-2017-14952"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2017-0411.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=21929"}],"affected":[{"package":{"name":"icu","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/icu?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"53.1-12.8.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0411.json"}},{"package":{"name":"icu","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/icu?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"58.2-3.1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0411.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}