[SECURITY] [DSA 4150-1] icu security update

2018-03-23T18:47:24
ID DEBIAN:DSA-4150-1:2E864
Type debian
Reporter Debian
Modified 2018-03-23T18:47:24

Description


Debian Security Advisory DSA-4150-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff March 23, 2018 https://www.debian.org/security/faq


Package : icu CVE ID : CVE-2017-15422

It was discovered that an integer overflow in the International Components for Unicode (ICU) library could result in denial of service and potentially the execution of arbitrary code.

For the oldstable distribution (jessie), this problem has been fixed in version 52.1-8+deb8u7.

For the stable distribution (stretch), this problem has been fixed in version 57.1-6+deb9u2.

We recommend that you upgrade your icu packages.

For the detailed security status of icu please refer to its security tracker page at: https://security-tracker.debian.org/tracker/icu

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org