icu, libicu security update

2020-03-25T19:16:31
ID CESA-2020:0897
Type centos
Reporter CentOS Project
Modified 2020-03-25T19:16:31

Description

CentOS Errata and Security Advisory CESA-2020:0897

The International Components for Unicode (ICU) library provides robust and full-featured Unicode services.

Security Fix(es):

  • ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2020-March/035682.html

Affected packages: icu libicu libicu-devel libicu-doc

Upstream details at: