ICU could be made to execute arbitrary code if it received a specially crafted
string.
Software Description:
- icu: International Components for Unicode library
Details:
André Bargull discovered that ICU incorrectly handled certain strings.
An attacker could possibly use this issue to execute arbitrary code.
The problem can be corrected by updating your system to the following package versions: Ubuntu 19.10: libicu63 63.2-2ubuntu0.1 Ubuntu 18.04 LTS: libicu60 60.2-3ubuntu3.1 Ubuntu 16.04 LTS: libicu55 55.1-7ubuntu0.5 Ubuntu 14.04 ESM: libicu52 52.1-3ubuntu0.8+esm1 Ubuntu 12.04 ESM: libicu48 4.8.1.1-3ubuntu0.10 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-4305-1
CVE-2020-10531
Get the latest Linux and open source security news straight to your inbox.