1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4646-1] icu security update

    From Salvatore Bonaccorso@1:229/2 to All on Wed Mar 25 17:30:01 2020
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4646-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso
    March 25, 2020 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : icu
    CVE ID : CVE-2020-10531
    Debian Bug : 953747

    Andre Bargull discovered an integer overflow in the International
    Components for Unicode (ICU) library which could result in denial of
    service and potentially the execution of arbitrary code.

    For the oldstable distribution (stretch), this problem has been fixed
    in version 57.1-6+deb9u4.

    For the stable distribution (buster), this problem has been fixed in
    version 63.1-6+deb10u1.

    We recommend that you upgrade your icu packages.

    For the detailed security status of icu please refer to its security
    tracker page at:
    https://security-tracker.debian.org/tracker/icu

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl57hW9fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0SmchAAkFD6KbEBnsGjO6ZkxQIb1xp5votbZFnbKGWc2/zvJjn8razDuw0zU0CJ ewdGDviwRm9BGbSax53/nIp21ceN38ntiv+GXexXmes79AcP0/XOlUjXT9UWWJ1n bBWlCrAS6b9UK6dMpFq1iJOlxHlqSchDtndg1NWepENXPoJ5/ytVHPScBH12Fb1z U8uPWJEEOmCdtUEkkXuzBIIxzRpyAP/jW+FvCeCKgHU6l04vaYY622n9dDiCs39x uNtORWVdxXR6veXqiaKCX6NptbCybSP1iso+eggZrNrdjpiVxASyPWeO9uDQd9zD j9dWhVpWVQU+x+5lXuAdiTCsD7J4i1o4L1nMencJ4GUFVj6cGNbe02ndCeBuUxmD VTZK4FEwXfNpEKGJSQJ0ucSdrzZNPBCc/BjqZKcFTei+02scPDbAHEK7ziPyGExh oLMiQSOks32lJ95zIj9gf8HETu2cRo4/sUY13ydPMkzeTl1H/57nY4qeQeny8Iyz w93S6BIFKVpPQmiPsynXnq4CBUciwjV53z5fxBoq2KxZwhEQXYT2c56dnQrnMqwS TLltx8eT4sd1gxvtUDYl1+6Br1yr4/rTZeP+zFjAHdt/ASIex0hviNiUF0Wxn5Ls oa0alfqp6hK0TWPI+SR8IxlOnEHDIuoDkbgKUFkjEK9YWAgwgJo=
    =/zwr
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)