CVE-2014-7926

Published: 22 January 2015

The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a zero-length quantifier.

Priority

Medium

Status

Package Release Status
chromium-browser
Launchpad, Ubuntu, Debian
Upstream
Released (40.0.2214.91)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [40.0.2214.94-0ubuntu0.14.04.1.1068])
icu
Launchpad, Ubuntu, Debian
Upstream
Released (52.1-7.1)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (52.1-3ubuntu0.2)
Patches:
Upstream: http://bugs.icu-project.org/trac/changeset/36727
oxide-qt
Launchpad, Ubuntu, Debian
Upstream
Released (1.4.2)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [1.4.2-0ubuntu0.14.04.1])