Debian Security Advisory 1762-1 - It was discovered that icu, the internal components for Unicode, did not properly sanitise invalid encoded data, which could lead to cross site scripting attacks.
394edea748c82370feee9e6c67fcfc3ee1cc25518848f11aee385f9ca573e1ce
Ubuntu Security Notice USN-747-1 - It was discovered that libicu did not correctly handle certain invalid encoded data. If a user or automated system were tricked into processing specially crafted data with applications linked against libicu, certain content filters could be bypassed.
96301c92b55eb1251fa787ea679ae430a34cc3f9220925097b70d0647b24e62c