-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4150-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff March 23, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : icu CVE ID : CVE-2017-15422 It was discovered that an integer overflow in the International Components for Unicode (ICU) library could result in denial of service and potentially the execution of arbitrary code. For the oldstable distribution (jessie), this problem has been fixed in version 52.1-8+deb8u7. For the stable distribution (stretch), this problem has been fixed in version 57.1-6+deb9u2. We recommend that you upgrade your icu packages. For the detailed security status of icu please refer to its security tracker page at: https://security-tracker.debian.org/tracker/icu Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlq1S1kACgkQEMKTtsN8 TjaZBRAAqb8vCWHAm32dQ7QsiIuoCOk1t1bzRm6ZKAm6U3YVaTPFSQrfBlT7OZZU 416HuwRCMg1gVivNdyeDgch+f0cu6GeMkCNRrcBsvIOHjP3fvhdpU2M6667XOS0J anmlRtD6jkLdLF3kxUcGCpu/DozR+SsuhRT8FZ07yPw4USWVJqwbInV9l8cd4bil iHeDizc0aOaKtlsGmN1XJixw9oyObIlvK9yWcqlQI1ijSpAGEMBI7XBNRB8yF/DL IJNDa15wpAUSLq9wDtYu0KzwFIQIc+q2R+EQdaljsXvPTZM/neiC9nmz1TNoGI/+ knnpWe4G5OcsIbe9mAFMl7H+ppzT+OxCXQWval56w1YKrDVWFVRY3YnUTIHub9lz brCBI24n5rIzcwC5KHvxZGUTepib5pqELbq1hWhrZAH/zoh0M/nUTCrnXN1ae6m/ CWP+vWOtzqE2fO4fgPCrP6SrG2cVPXD+jl+xr/gvPiI775GbNpGkl7cxNFj5eonG 2tt004DjfRL1WAgFBHlb8ZsulHHpiTTaEJNXf8J9qG1ULYYpYhpOeYLHroiUHajR sJgCECS18DKMkG55bnzq3702pu1UMcS5G3zkhpGmw102mxhArUHz/dDEAA8F3x5O 5gbU4E0Baf9m8LY595ana1lskzM4nonKerCpUWqz7xCDY39OK2o= =wef5 -----END PGP SIGNATURE-----