ELSA-2025-11888 - icu security update

Type: SECURITY
Impact: MODERATE
Release Date: 2025-07-28

Description


[74.2-5]
- ICU-22973 Fix buffer overflow by using CharString
Resolves: RHEL-96667

[74.2-4]
- Bump release for October 2024 mass rebuild:
Resolves: RHEL-64018

[74.2-3]
- Resolves: RHEL-59365 Fix coverity warnings

[74.2-2]
- Bump release for June 2024 mass rebuild

[74.2-1]
- Update to 74.2

[74.1-1]
- Update to 74.1

[73.2-5]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild

[73.2-4]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild

[73.2-3]
- Fix broken TestHebrewCalendarInTemporalLeapYear

[73.2-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild

[73.2-1]
- Update to 73.2

[72.1-3]
- migrated to SPDX license IDs

[72.1-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild

[72.1-1]
- Update to 72.1

[71.1-2]
- Update timezone data to 2022b

[71.1-1]
- Update to 71.1

[69.1-7]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild

[69.1-6]
- Update timezone data to 2022a

[69.1-5]
- Introduce use_tzdata_update flag

[69.1-4]
- Update timezone data to 2021a4

[69.1-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild

[69.1-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild

[69.1-1]
- Update to 69.1

[67.1-6]
- Rebuilt for removed libstdc++ symbol (#1937698)

[67.1-5]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

[67.1-4]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

[67.1-3]
- Replace unversioned %{__python} macro with %{__python3}

[67.1-2]
- Use make macros
- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro

[67.1-1]
- Update to 67.1

[65.1-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild

[65.1-1]
- Update to 65.1
- Add a patch from gentoo to fix the build on s390x
- Drop arm test disabling patches as they are no longer needed

[63.2-4]
- Build with Python 3

[63.2-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild

[63.2-2]
- Resolves: rhbz#1708935 temporarily roll back to 63.1

[63.2-1]
- Update to 63.2

[63.1-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild

[63.1-1]
- Update to 63.1

[62.1-3]
- Resolves: rhbz#1646703 CVE-2018-18928

[62.1-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

[62.1-1]
- Update to 62.1

[61.1-2]
- Resolves: rhbz#1582611 Add riscv64 to icu-config.sh

[61.1-1]
- Update to 61.1

[60.2-3]
- Update Python 2 dependency declarations to new packaging standards
(See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)

[60.2-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

[60.2-1]
- Update to 60.2

[60.1-2]
- Resolves: rhbz#1524820 CVE-2017-17484

[60.1-1]
- Update to 60.1

[57.1-9]
- Resolves: rhbz#1510932 CVE-2017-14952

[57.1-8]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild

[57.1-7]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild

[57.1-6]
- Resolves: rhbz#1444101 CVE-2017-7867 CVE-2017-7868

[57.1-5]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild

[57.1-4]
- dist.rpmgrill: 'Percent signs in specfile changelog should be escaped'

[57.1-3]
- Resolves: rhbz#1377362 CVE-2016-7415

[57.1-2]
- Resolves: rhbz#1360340 CVE-2016-6293

[57.1-1]
- upgrade to upstream ICU 57.1

[56.1-7]
- make check failure is fatal again

[56.1-6]
- remove icu-56.1-codes-cache-extend.patch

[56.1-5]
- even more verbosity and debug output
- add path to extend ICU's internal cache of codes
- use license macro
- provide samples in devel subpackage
- modernize generally

[56.1-4]
- %build: make VERBOSE=1
- %check: keep 'make check' non-fatal while investigating rhbz#1307633

[56.1-3]
- Resolves: rhbz#1307633 FTBFS, disable check to get build through for now

[56.1-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild

[56.1-1]
- Resolves: rhbz#1271353 upgrade to ICU 56.1

[54.1-5]
- Workaround rhbz#1239574 disabling offending tests on armv7hl

[54.1-4]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild

[54.1-3]
- Resolves: rhbz#1190131 CVE-2014-7923 CVE-2014-7926 CVE-2014-9654
- Resolves: rhbz#1184811 CVE-2014-6585 CVE-2014-6591

[54.1-2]
- Rebuilt for Fedora 23 Change
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code

[54.1-1]
- Resolves: rhbz#1185433 upgrade to upstream ICU 54.1

[53.1-1]
- Resolves: rhbz#1130771 upgrade to upstream ICU 53.1

[52.1-4]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild

[52.1-3]
- Resolves: rhbz#1106793 bad 2-digit year test case

[52.1-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

[52.1-1]
- upgrade to upstream ICU 52.1
- Resolves: rhbz#1049265 icu-52.1 is available
- Resolves: rhbz#1050063 Trivial change to icu-config to support ppc64le
- drop icu-51-layout-fix-10107.tgz source
- drop integrated icu.10318.CVE-2013-2924_changeset_34076.patch
- drop integrated icu.10143.memory.leak.crash.patch

[50.1.2-10]
- Resolves: rhbz#1015594 CVE-2013-2924 use-after-free

[50.1.2-9]
- added %{?_isa} to Requires for multi-arch systems

[50.1.2-8]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild

[50.1.2-7]
- Resolves: rhbz#986814 install icu-config.sh from source2

[50.1.2-6]
- Resolves: rhbz#966141 various flaws in Layout Engine font processing
- Resolves: rhbz#966077 aarch64 support for icu-config.sh wrapper

[50.1.2-5]
- added manpages for gennorm2 and icuinfo, rhbz#884035 related

[50.1.2-4]
- Resolves: fdo#52519 crash on typing some Malayalam

[50.1.2-3]
- Resolves: rhbz#856594 roll back and build without --disable-renaming again

[50.1.2-2]
- Resolves: rhbz#856594 include content of icu/source/uconfig.h.prepend

[50.1.2-1]
- Update to 50.1.2
- Resolves: rhbz#856594 to-do add --disable-renaming on next soname bump
- removed upstream applied icu.9283.regexcmp.crash.patch

[49.1.1-7]
- Related: rhbz#856594 reenable icu symbol renaming

[49.1.1-6]
- Resolves: rhbz#856594 disable icu symbol renaming

[49.1.1-5]
- apply upstream fix (bug 9283) for regexcmp crash causing Chromium segfaults

[49.1.1-4]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

[49.1.1-3]
- probably parallel-build safe by now. Add a check for original breakage

[49.1.1-2]
- Resolves: rhbz#804313 multi-lib pain

[49.1.1-1]
- Update to 49.1.1

[4.8.1.1-3]
- Resolves: rhbz#813484 doxygen 1.8.0 does not provide installdox, omit from install

[4.8.1.1-2]
- Correct reference to BZ681941, add temporary fix for ARM FTBFS side effect

[4.8.1.1-1]
- Update to 4.8.1.1

[4.8.1-4]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild

[4.8.1-3]
- Resolves: rhbz#766542 CVE-2011-4599 Stack-based buffer overflow
- add icu.8984.CVE-2011-4599.patch

[4.8.1-2]
- Resolves: rhbz#747193 try and enable ccmp for Indic fonts

[4.8.1-1]
- Resolves: rhbz#681941 don't link unnecessary -lm, etc.
- add icu.8800.freeserif.crash.patch

[4.6-2]
- Resolves: rhbz#681941 don't link unnecessary -lm, etc.

[4.6-1]
- latest version
- upgrade includes a .pc now of its own, drop ours
- drop integrated icu.6995.kannada.patch
- drop integrated icu.7971.buildfix.patch
- drop integrated icu.7972.buildfix.patch
- drop integrated icu.7932.doublecompare.patch
- drop integrated icu.8011.buildfix.patch

[4.4.2-8]
- Resolves: rhbz#674328 yet more ways that freeserif crashes libicu

[4.4.2-7]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

[4.4.2-6]
- Resolves: rhbz#674328 more ways that freeserif crashes libicu

[4.4.2-5]
- Resolves: rhbz#674328 freeserif crashes libicu

[4.4.2-4]
- Resolves: rhbz#669237 strip libicudata

[4.4.2-3]
- Resolves: rhbz#657964 icu-config bindir returns sbindir

[4.4.2-2]
- Resolves: rhbz#654200 revert icu#5431

[4.4.2-1]
- latest version

* Wed Sep 29 2010 jkeating - 4.4.1-6
- Rebuilt for gcc bug 634757

[4.4.1-5]
- upstream patches

[4.4.1-4]
- Resolves: rhbz#631403 doxygen no longer generates gifs

[4.4.1-3]
- move licences into libicu, and add them into the -doc subpackage
as well

[4.4.1-2]
- Resolves: rhbz#596171 drop icu.icu6284.strictalias.patch and use
-fno-strict-aliasing as upstream has added a pile more and doesn't look
interested in proposed patches

[4.4.1-1]
- latest version
- drop integrated icu.icu7567.libctest.patch

[4.4-1]
- latest version
- drop integrated icu.6969.pkgdata.patch
- drop integrated icu.icu7039.badextract.patch
- drop integrated icu.XXXX.buildfix.patch

[4.2.1-8]
- Resolves: rhbz#543386 update icu-config

[4.2.1-7]
- Fix FTBFS with yet another autoconf version that changes
behaviour

[4.2.1-6]
- Resolves: rhbz#520468 fix s390x and other secondary archs

[4.2.1-5]
- icu#7039 fix broken use of extract to get tests working

[4.2.1-4]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

[4.2.1-3]
- make documentation noarch

[4.2.1-2]
- rpmlint warnings

[4.2.1-1]
- 4.2.1 release

[4.2.0.1-3]
- Resolves: rhbz#508288 multilib conflict

[4.2.0.1-2]
- Resolves: rhbz#505252 add icu.6995.kannada.patch

[4.2.0.1-1]
- 4.2.0.1 release

[4.2-1]
- 4.2 release

[4.2-0.1.d03]
- 4.2 release candidate
- drop resolved icu.icu6008.arm.padding.patch
- drop resolved icu.icu6439.bare.elif.patch

[4.0.1-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

[4.0.1-2]
- fix bare elif for gcc-4.4

[4.0.1-1]
- 4.0.1 release

[4.0-6]
- Resolves rhbz#225896 clean up low hanging rpmlint warnings

[4.0-5]
- drop integrated icu.icu5557.safety.patch

[4.0-4]
- annoyingly upstream tarball was repacked apparently to remove
some unused/cached dirs

[4.0-3]
- Resolves: rhbz#461348 wrong icu-config

[4.0-2]
- Resolves: rhbz#459698 drop Malayalam patches. Note test with Rachana/Meera
instead of Lohit Malayalam before filing bugs against icu wrt.
Malayalam rendering

[4.0-1]
- final release

[4.0-0.3.d03]
- 4.0 release candidate

[4.0-0.2.d02]
- drop icu.icu5498.openoffice.org.patch

[4.0-0.1.d02]
- 4.0 release candidate
- drop integrated icu.regexp.patch

[3.8.1-8]
- add icu.icu6284.strictalias.patch and build with
strict-aliasing

[3.8.1-7]
- Resolves: rhbz#437761 modify to icu.icu6213.worstcase.patch for
other worst case expansions

[3.8.1-6]
- Resolves: rhbz#437761 add icu.icu6213.bengali.worstcase.patch

[3.8.1-5]
- Resolves: rhbz#431401 split syllables on 1st 0d4d of a 0d4d +
(>= 0d15 && <= 0d39) + 0d4d + 0d30 sequence

[3.8.1-4]
- Resolves: rhbz#431029, rhbz#424661 Remove workaround for 0D31 characters

[3.8.1-3]
- CVE-2007-4770 CVE-2007-4771 add icu.regexp.patch
- Resolves: rhbz#423211 fix Malayalam stuff in light of syllable
changes

[3.8.1-2]
- remove icu.icu5365.dependantvowels.patch and cleanup
icu.icu5506.multiplevowels.patch as they patch and unpatch
each other (thanks George Rhoten for pointing out that madness)

[3.8.1-1]
- latest version
- drop fixed icu.icu6084.zwnj.notdef.patch

[3.8-6]
- Resolves: rhbz#423211 experimental hack for 0d15+0d4d+0d30

[3.8-5]
- Resolves: rhbz#415541 icu.icu6084.zwnj.notdef.patch

[3.8-4]
- Resolves: ooo#83991 Malayalam 'Kartika' font fix

[3.8-3]
- add icu.openoffice.org.patch

[3.8-2]
- add icu.icu6008.arm.padding.patch to fix an arm problem

[3.8-1]
- latest version

[3.8-0.2.d02]
- next release candidate

[3.8-0.2.d01]
- rebuild

[3.8-0.1.d01]
- 3.8 release candidate
- drop integrated icu.icu5433.oriya.patch
- drop integrated icu.icu5488.assamese.patch
- drop integrated icu.icu5500.devicetablecrash.patch
- drop integrated icu.icu5501.sinhala.biggerexpand.patch
- drop integrated icu.icu5594.gujarati.patch
- drop integrated icu.icu5465.telegu.patch

[3.6-20]
- Resolves: rhbz#243984 change the icu group as it is libicu
which is 'System Environment/Libraries' not icu

[3.6-19]
- Resolves: rhbz#220867 Malayalam rendering

[3.6-18]
- Resolves: rhbz#228457 icu.icu5594.gujarati.patch

[3.6-17]
- spec cleanups

[3.6-16]
- Resolves: rhbz#226949 layout telegu like pango

[3.6-15]
- Resolves: rhbz#214948 icu.icu5506.multiplevowels.patch

[3.6-14]
- Related: rhbz#216089 add icu.icu5557.safety.patch

[3.6-13]
- Resolves: rhbz#220433 modify icu.icu5431.malayam.patch

[3.6-12]
- Resolves: rhbz#214948 icu.icu5506.multiplevowels.patch

[3.6-11]
- Resolves: rhbz#214555 icu.icu5501.sinhala.biggerexpand.patch

[3.6-10]
- Resolves: rhbz#214555 icu.icu5500.devicetablecrash.patch

[3.6-9]
- Resolves: rhbz#213648 extend prev/next to handle ZWJ

[3.6-8]
- Resolves: rhbz#213375 (icu.icu5488.assamese.patch)

[3.6-7]
- Resolves: rhbz#211258 (icu.icu5465.telegu.patch)

[3.6-6]
- rh#209391# add icu.icuXXXX.virama.prevnext.patch

[3.6-5]
- rh#208705# add pkg-config Require for -devel package
- add icu.icu5431.malayam.patch for rh#208551#/rh#209084#
- add icu.icu5433.oriya.patch for rh#208559#/rh#209083#

[3.6-4]
- rebuilt for unwind info generation, broken in gcc-4.1.1-21

[3.6-3]
- rh#206615# render malayam like pango

[3.6-2]
- fix rh#205252#/icu#5365 (gnome#121882#/#icu#4026#) to make icu
like pango for multiple dependant vowels

[3.6-1]
- final release

[3.6-0.1.d02]
- bump

[3.6-0.2.d01]
- c++ code not alias correct

[3.6-0.1.d01]
- rh#200728# update to prerelease 3.6d01 to pick up on sinhala fixes
- drop integrated rh190879.patch
- drop integrated icu-3.4-sinhala1.patch

[3.4-10.1.1]
- rebuild

[3.4-10.1]
- rebuild

[3.4-10]
- rh#194686# BuildRequires

[3.4-9]
- rh#190879# backport fix

[3.4-8]
- add Harshula's icu-3.4-sinhala1.patch for some Sinhala support

[3.4-7]
- add a pkgconfig.pc, make icu-config use it

[3.4-6.2]
- bump again for double-long bug on ppc(64)

[3.4-6.1]
- rebuilt for new gcc4.1 snapshot and glibc changes

[3.4-6]
- add icu-gcc41.patch

[3.4-5]
- clear execstack requirement for libicudata

[3.4-4]
- import extra icu.spec into fedora core for openoffice.org
- build with gcc 4

[3.4-3]
- Use dist
- gcc32 does not understand -fstack-protector and
--param=ssp-buffer-size=4

[3.4-2]
- 3.4.

[3.4-0.2.d02]
- 3.4-d02.
- Don't ship static libraries.

[3.2-3]
- Apply upstream case mapping mutex lock removal patch.
- Build with gcc 3.2 as a temporary workaround for #152495.

[3.2-2]
- rebuilt

[3.2-1]
- Don't use %{_smp_mflags} (b.f.u #2357).
- Remove unnecessary Epochs.

[0:3.2-0.fdr.1]
- Update to 3.2.

[0:3.0-0.fdr.1]
- Update to 3.0, datadirs patch no longer needed.
- Package data in shared libs, drop -locales subpackage.
- Rename -docs subpackage to libicu-doc, and generate graphs with graphviz.

[0:2.6.1-0.fdr.3]
- Partial fix for bad datadirs returned by icu-config (works as long as
data packaging mode is not 'common' or 'dll').

[0:2.6.1-0.fdr.2]
- First complete version.

[0:2.6.1-0.fdr.1]
- Update to 2.6.1.

[0:2.6-0.fdr.1]
- First build, based on upstream and SuSE 8.2 packages.


Related CVEs


CVE-2025-5222

Updated Packages


Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label
Oracle Linux 10 (aarch64) | icu-74.2-5.el10_0.src.rpm | d25343d77b20ffaf604ee35d7daa3a5f464d93578bdecdddc8ece32107802603 | - | ol10_aarch64_appstream
 | icu-74.2-5.el10_0.src.rpm | d25343d77b20ffaf604ee35d7daa3a5f464d93578bdecdddc8ece32107802603 | - | ol10_aarch64_baseos_latest
 | icu-74.2-5.el10_0.src.rpm | d25343d77b20ffaf604ee35d7daa3a5f464d93578bdecdddc8ece32107802603 | - | ol10_aarch64_u0_baseos_patch
 | icu-74.2-5.el10_0.aarch64.rpm | 2d004e5f807386ad99f82c8c35d1c01a9776b390d1aec50a1bb868c190a532ac | - | ol10_aarch64_appstream
 | libicu-74.2-5.el10_0.aarch64.rpm | 46f9534db091833184553d9d73170a4f820e34fe3c418343786b7bde2ccae13f | - | ol10_aarch64_baseos_latest
 | libicu-74.2-5.el10_0.aarch64.rpm | 46f9534db091833184553d9d73170a4f820e34fe3c418343786b7bde2ccae13f | - | ol10_aarch64_u0_baseos_patch
 | libicu-devel-74.2-5.el10_0.aarch64.rpm | 9ca07e1ce19e988bc210eaa7972d93be4374e73169c79157c38cda4497516b61 | - | ol10_aarch64_appstream
Oracle Linux 10 (x86_64) | icu-74.2-5.el10_0.src.rpm | d25343d77b20ffaf604ee35d7daa3a5f464d93578bdecdddc8ece32107802603 | - | ol10_x86_64_appstream
 | icu-74.2-5.el10_0.src.rpm | d25343d77b20ffaf604ee35d7daa3a5f464d93578bdecdddc8ece32107802603 | - | ol10_x86_64_baseos_latest
 | icu-74.2-5.el10_0.src.rpm | d25343d77b20ffaf604ee35d7daa3a5f464d93578bdecdddc8ece32107802603 | - | ol10_x86_64_u0_baseos_patch
 | icu-74.2-5.el10_0.x86_64.rpm | b7f81cb5e34b6c838efd570771a7e77aa6b0ae15029d52aa80e00868ce10b87d | - | ol10_x86_64_appstream
 | libicu-74.2-5.el10_0.x86_64.rpm | 2cc1b88f47fd11904c6e2d2ddfe2e61ba23a7bc5a4811d3baed891ff55a3d0ae | - | ol10_x86_64_baseos_latest
 | libicu-74.2-5.el10_0.x86_64.rpm | 2cc1b88f47fd11904c6e2d2ddfe2e61ba23a7bc5a4811d3baed891ff55a3d0ae | - | ol10_x86_64_u0_baseos_patch
 | libicu-devel-74.2-5.el10_0.x86_64.rpm | ec49fd28b4902631cc14d9a6bddf9821fb698d9c5f811a539cedc2b5f595c5a7 | - | ol10_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections, please contact the Oracle Linux ULN team.
