Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 476
Alerts This Week
Warning Icon 1 476

Ubuntu 16.10 & 16.04 LTS USN-3227-1 Critical: ICU Memory Issue

ubuntu
Calendar Grey March 13, 2017
Dist Ubuntu Esm H88
Stay informed on ICU weaknesses affecting multiple Ubuntu releases, with essential security protocols outlined for protection.
Several security issues were fixed in ICU.

Summary

Several security issues were fixed in ICU.

Software Description:

- icu: International Components for Unicode library

Details:

It was discovered that ICU incorrectly handled certain memory operations

when processing data. If an application using ICU processed crafted data,

a remote attacker could possibly cause it to crash or potentially execute

arbitrary code with the privileges of the user invoking the program.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.10:
  libicu57                        57.1-4ubuntu0.1

Ubuntu 16.04 LTS:
  libicu55                        55.1-7ubuntu0.1

Ubuntu 14.04 LTS:
  libicu52                        52.1-3ubuntu0.5

Ubuntu 12.04 LTS:
  libicu48                        4.8.1.1-3ubuntu0.7

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-3227-1

CVE-2014-9911, CVE-2015-4844, CVE-2016-0494, CVE-2016-6293,

CVE-2016-7415

Severity
critical
Lowest
Low
Medium
High
Critical

March 13, 2017

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.