Skip to content

icu: fix CVE-2017-14952 Double-Free Vulnerability [lede-17.01]#5007

Merged
yousong merged 1 commit intoopenwrt:lede-17.01from
nxhack:17_01-CVE-2017-14952
Oct 24, 2017
Merged

icu: fix CVE-2017-14952 Double-Free Vulnerability [lede-17.01]#5007
yousong merged 1 commit intoopenwrt:lede-17.01from
nxhack:17_01-CVE-2017-14952

Conversation

@nxhack
Copy link
Contributor

@nxhack nxhack commented Oct 24, 2017

Maintainer: me
Compile tested: ar71xx, mips_24kc_gcc-6.3.0_musl-1.1.16, lede-17.01 r3567-0780e12
Run tested: NONE

Description:
[lede-17.01] icu: fix CVE-2017-14952 Double-Free Vulnerability

http://www.sourcebrella.com/blog/double-free-vulnerability-international-components-unicode-icu/

https://security-tracker.debian.org/tracker/CVE-2017-14952

Signed-off-by: Hirokazu MORIKAWA morikw2@gmail.com

@yousong yousong merged commit e967fd8 into openwrt:lede-17.01 Oct 24, 2017
@nxhack nxhack deleted the 17_01-CVE-2017-14952 branch October 25, 2017 03:20
smallprogram added a commit to smallprogram/openwrt_packages that referenced this pull request Jan 29, 2026
@smallprogram
runc: bump to 1.4.0
60a2a31 
cgroups: provide iocost statistics for cgroupv2. (opencontainers/cgroups#43)
cgroups: retry DBus connection when it fails with EAGAIN.(opencontainers/cgroups#45)
cgroups: improve cpuacct.usage_all resilience when parsing data from patched kernels (such as the Tencent kernels). (opencontainers/cgroups#46,opencontainers/cgroups#50)
libct: close child fds on prepareCgroupFD error. (openwrt#4936)
libct: fix mips compilation. (openwrt#4962, openwrt#4967)
When configuring a tmpfs mount, only set the mode= argument if the target path already existed. This fixes a regression introduced in our CVE-2025-52881 mitigation patches. (openwrt#4971, openwrt#4976)
Fix various file descriptor leaks and add additional tests to detect them as comprehensively as possible. (openwrt#5007, openwrt#5021, openwrt#5034)
The "hallucination" helpers added as part of the CVE-2025-52881 mitigation have been made more generic and now apply to all of our pathrs helper functions, which should ensure we will not regress dangling symlink users. (openwrt#4985)
Signed-off-by: David Mandy <smallprogramzhusir@gmail.com>

Signed-off-by: David Mandy <smallprogramzhusir@gmail.com>
@smallprogram smallprogram mentioned this pull request Jan 29, 2026
Closed
1 task
smallprogram added a commit to smallprogram/openwrt_packages that referenced this pull request Jan 29, 2026
@smallprogram
runc: bump to 1.4.0
25b7705 
cgroups: provide iocost statistics for cgroupv2. (opencontainers/cgroups#43)
cgroups: retry DBus connection when it fails with EAGAIN.(opencontainers/cgroups#45)
cgroups: improve cpuacct.usage_all resilience when parsing data from patched kernels (such as the Tencent kernels). (opencontainers/cgroups#46,opencontainers/cgroups#50)
libct: close child fds on prepareCgroupFD error. (openwrt#4936)
libct: fix mips compilation. (openwrt#4962, openwrt#4967)
When configuring a tmpfs mount, only set the mode= argument if the target path already existed. This fixes a regression introduced in our CVE-2025-52881 mitigation patches. (openwrt#4971, openwrt#4976)
Fix various file descriptor leaks and add additional tests to detect them as comprehensively as possible. (openwrt#5007, openwrt#5021, openwrt#5034)
The "hallucination" helpers added as part of the CVE-2025-52881 mitigation have been made more generic and now apply to all of our pathrs helper functions, which should ensure we will not regress dangling symlink users. (openwrt#4985)
Signed-off-by: David Mandy <smallprogramzhusir@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@nxhack @yousong