Ubuntu Security Notice 3610-1 - It was discovered that ICU incorrectly handled certain calendars. If an application using ICU processed crafted data, a remote attacker could possibly cause it to crash, leading to a denial of service.
34fe3ae72a2ad4c05fa888a8caef7746d0c5876fb34a09e7b67b23549f8c2cf1
==========================================================================
Ubuntu Security Notice USN-3610-1
March 28, 2018
icu vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
ICU could be made to crash if it received specially crafted input.
Software Description:
- icu: International Components for Unicode library
Details:
It was discovered that ICU incorrectly handled certain calendars. If an
application using ICU processed crafted data, a remote attacker could
possibly cause it to crash, leading to a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 17.10:
libicu57 57.1-6ubuntu0.3
Ubuntu 16.04 LTS:
libicu55 55.1-7ubuntu0.4
Ubuntu 14.04 LTS:
libicu52 52.1-3ubuntu0.8
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/usn/usn-3610-1
CVE-2017-15422
Package Information:
https://launchpad.net/ubuntu/+source/icu/57.1-6ubuntu0.3
https://launchpad.net/ubuntu/+source/icu/55.1-7ubuntu0.4
https://launchpad.net/ubuntu/+source/icu/52.1-3ubuntu0.8