Explore top 10 tips to secure your open-source projects now. Read More
×MGAA-2025-0099 - Updated packages using updated icu to fix bug. MGAA-2025-0099 - Updated packages using updated icu to fix bug Publication date: 17 Nov 2025 URL: https://advisories.mageia.org/MGAA-2025-0099.html Type: bugfix Affected Mageia releases: 9 Description: We are rebuilding packages requiring icu version 72 with icu version 73 to use an icu version with security fixes. These packages are the third set. References: - https://bugs.mageia.org/show_bug.cgi?id=34730 SRPMS: - 9/core/gspell-1.12.1-1.1.mga9 - 9/core/libcdr-0.1.7-5.1.mga9 - 9/core/0ad-0.0.26-3.1.mga9 - 9/core/c-icap-modules-classify-20180416-15.1.mga9 - 9/core/enchant2-2.3.3-2.1.mga9 - 9/core/gnustep-base-1.28.0-2.1.mga9 - 9/core/gnustep-gui-0.28.0-10.1.mga9 - 9/core/konsole-23.04.3-1.1.mga9 - 9/core/qtwebengine5-5.15.10-8.1.mga9 - 9/core/qtwebengine6-6.4.1-5.1.mga9 - 9/core/performous-1.2.0-6.1.mga9 - 9/core/plasma-workspace-5.27.10-1.3.mga9 - 9/core/R-base-4.3.3-1.1.mga9 - 9/core/scribus-1.5.8-11.1.mga9 - 9/core/strawberry-1.0.17-1.1.mga9 - 9/core/subtitlecomposer-0.7.1-3.1.mga9 - 9/core/mpd-0.23.11-4.1.mga9 - 9/tainted/mpd-0.23.11-4.1.mga9.tainted . Updated packages in Mageia 9 to enhance security by using icu version 73 for critical system fixes and performance.. Mageia security advisory, bugfix updates, icu version 73, security patches Mageia, Linux package management. . LinuxSecurity.com Team
MGAA-2025-0090 - Updated packages using updated icu to fix bug. MGAA-2025-0090 - Updated packages using updated icu to fix bug Publication date: 06 Nov 2025 URL: https://advisories.mageia.org/MGAA-2025-0090.html Type: bugfix Affected Mageia releases: 9 Description: We are rebuilding packages requiring icu version 72 with icu version 73 to use an icu version with security fixes. These packages are the second set. References: - https://bugs.mageia.org/show_bug.cgi?id=34665 SRPMS: - 9/core/brltty-6.5-2.1.mga9 - 9/core/darktable-4.6.1-1.1.mga9 - 9/core/dino-0.4.2-1.1.mga9 - 9/core/gnome-text-editor-44.0-1.1.mga9 - 9/core/godot-4.5-1.1.mga9 - 9/core/hfst-ospell-0.5.3-2.1.mga9 - 9/core/kdb-3.2.90-11.git20220620.mga9 - 9/core/libe-book-0.1.3-13.1.mga9 - 9/core/libphonenumber-8.12.57-4.1.mga9 - 9/core/libical-3.0.16-2.1.mga9 - 9/core/liblcf-0.7.0-3.1.mga9 - 9/core/mapnik-3.1.0-9.1.mga9 - 9/core/libmspub-0.1.4-13.1.mga9 - 9/core/nuspell-5.1.2-1.1.mga9 - 9/core/libqalculate-4.5.1-2.1.mga9 - 9/core/qt5compat6-6.4.1-3.1.mga9 - 9/core/qt4-4.8.7-45.1.mga9 - 9/core/libqxp-0.0.2-10.1.mga9 - 9/core/libvisio-0.1.7-10.1.mga9 - 9/core/vte-0.72.1-1.2.mga9 - 9/core/xalan-c-1.12-5.1.mga9 - 9/core/libzmf-0.0.2-13.1.mga9 - 9/core/ncmpcpp-0.9.2-11.1.mga9 - 9/core/openttd-13.3-1.1.mga9 - 9/core/qtlocation5-5.15.7-2.1.mga9 - 9/core/rspamd-3.2-3.1.mga9 - 9/core/slop-7.6-2.1.mga9 - 9/core/tesseract-5.3.0-3.1.mga9 - 9/core/texlive-20220321-7.2.mga9 - 9/core/unar-1.10.7-11.1.mga9 - 9/core/widelands-1.1-2.1.mga9 - 9/core/znc-1.8.2-21.2.mga9 - 9/core/samba-4.17.12-1.1.mga9 . Updated Mageia packages using icu version 73 to fix bugs and enhance security. Essential updates listed.. Mageia update, icu package, security advisory, bugfix patch. . Severity: Informational. LinuxSecurity.com Team
MGAA-2025-0089 - Updated packages using updated icu to fix bug. MGAA-2025-0089 - Updated packages using updated icu to fix bug Publication date: 06 Nov 2025 URL: https://advisories.mageia.org/MGAA-2025-0089.html Type: bugfix Affected Mageia releases: 9 Description: We are rebuilding packages requiring icu 72 version with icu 73 version to use an icu version with security fixes. These packages are the first set. References: - https://bugs.mageia.org/show_bug.cgi?id=34619 SRPMS: - 9/core/389-adminutil-1.1.22-19.1.mga9 - 9/core/389-ds-base-1.4.0.26-17.1.mga9 - 9/core/389-dsgw-1.1.11-27.1.mga9 - 9/core/boost-1.81.0-3.1.mga9 - 9/core/couchdb-3.2.2-2.2.mga9 - 9/core/dee-1.2.7-31.1.mga9 - 9/core/fbembed-2.5.9.27115-13.1.mga9 - 9/core/freeciv-3.0.7-1.1.mga9 - 9/core/harfbuzz-7.0.1-1.1.mga9 - 9/core/ibus-qt4-1.3.3-19.1.mga9 - 9/core/ircclient-qt-0.3.2-32.1.mga9 - 9/core/mongo-c-driver-1.23.2-2.1.mga9 - 9/core/mozjs102-102.6.0-2.1.mga9 - 9/core/parrot-8.1.0-15.1.mga9 - 9/core/postfix-3.8.4-1.1.mga9 - 9/core/prelude-lml-5.2.0-7.1.mga9 - 9/core/python-icu-2.10.2-1.1.mga9 - 9/core/sword-1.9.0-9.1.mga9 - 9/core/tepl-6.4.0-1.1.mga9 - 9/core/tracker-3.5.3-1.1.mga9 - 9/core/tracker-miners-3.5.2-1.1.mga9 - 9/core/xerces-c-3.2.4-1.1.mga9 - 9/core/xfsprogs-6.6.0-1.1.mga9 - 9/core/yaz-5.34.0-1.1.mga9 . Updated Mageia packages to icu 73 with security fixes. Important bugfix in Mageia 9.. Mageia 9 icu update bugfix package. . Severity: Important. LinuxSecurity.com Team
MGASA-2025-0249 - Updated icu packages fix security vulnerability. MGASA-2025-0249 - Updated icu packages fix security vulnerability Publication date: 27 Oct 2025 URL: https://advisories.mageia.org/MGASA-2025-0249.html Type: security Affected Mageia releases: 9 CVE: CVE-2025-5222 Description: A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution. References: - https://bugs.mageia.org/show_bug.cgi?id=34442 - https://lists.opensuse.org/archives/list/
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-12083 http://linux.oracle.com/errata/ELSA-2025-12083.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: icu-67.1-10.el9_6.x86_64.rpm libicu-67.1-10.el9_6.i686.rpm libicu-67.1-10.el9_6.x86_64.rpm libicu-devel-67.1-10.el9_6.i686.rpm libicu-devel-67.1-10.el9_6.x86_64.rpm aarch64: icu-67.1-10.el9_6.aarch64.rpm libicu-67.1-10.el9_6.aarch64.rpm libicu-devel-67.1-10.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/icu-67.1-10.el9_6.src.rpm Related CVEs: CVE-2025-5222 Description of changes: [67.1-10] - ICU-22973 Fix buffer overflow by using CharString Resolves: RHEL-96664 _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-11888 http://linux.oracle.com/errata/ELSA-2025-11888.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: icu-74.2-5.el10_0.x86_64.rpm libicu-74.2-5.el10_0.x86_64.rpm libicu-devel-74.2-5.el10_0.x86_64.rpm aarch64: icu-74.2-5.el10_0.aarch64.rpm libicu-74.2-5.el10_0.aarch64.rpm libicu-devel-74.2-5.el10_0.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/icu-74.2-5.el10_0.src.rpm Related CVEs: CVE-2025-5222 Description of changes: [74.2-5] - ICU-22973 Fix buffer overflow by using CharString Resolves: RHEL-96667 _______________________________________________ El-errata mailing list
An update that solves one vulnerability can now be installed.. # icu-77.1-3.1 on GA media Announcement ID: openSUSE-SU-2025:15230-1 Rating: moderate Cross-References: * CVE-2025-5222 CVSS scores: * CVE-2025-5222 ( SUSE ): 7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the icu-77.1-3.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * icu 77.1-3.1 * libicu-devel 77.1-3.1 * libicu-devel-32bit 77.1-3.1 * libicu-doc 77.1-3.1 * libicu77 77.1-3.1 * libicu77-32bit 77.1-3.1 * libicu77-bedata 77.1-3.1 * libicu77-ledata 77.1-3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-5222.html . Critical update for Fedora tackling significant vulnerability in the glibc module, bolstering comprehensive system integrity.. openSUSE update, icu security, moderate severity, system vulnerability, access control. . LinuxSecurity.com Team
* bsc#1243721 Cross-References: * CVE-2025-5222 . # Security update for icu Announcement ID: SUSE-SU-2025:02216-1 Release Date: 2025-07-03T10:09:05Z Rating: important References: * bsc#1243721 Cross-References: * CVE-2025-5222 CVSS scores: * CVE-2025-5222 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-5222 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for icu fixes the following issues: * CVE-2025-5222: Fixed stack buffer overflow in the SRBRoot:addTag function (bsc#1243721) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2216=1 * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-2216=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libicu-devel-52.1-8.16.1 * libicu52_1-52.1-8.16.1 * icu-debuginfo-52.1-8.16.1 * libicu52_1-debuginfo-32bit-52.1-8.16.1 * libicu52_1-data-52.1-8.16.1 * libicu52_1-debuginfo-52.1-8.16.1 * icu-debugsource-52.1-8.16.1 * libicu52_1-32bit-52.1-8.16.1 * libicu-doc-52.1-8.16.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libicu52_1-52.1-8.16.1 * libicu-devel-52.1-8.16.1 * icu-debuginfo-52.1-8.16.1 * libicu52_1-data-52.1-8.16.1 *libicu52_1-debuginfo-52.1-8.16.1 * icu-debugsource-52.1-8.16.1 * libicu-doc-52.1-8.16.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64) * libicu52_1-32bit-52.1-8.16.1 * libicu52_1-debuginfo-32bit-52.1-8.16.1 ## References: * https://www.suse.com/security/cve/CVE-2025-5222.html * https://bugzilla.suse.com/show_bug.cgi?id=1243721 . Urgent security patch released for SUSE icu tackles a memory overflow vulnerability and requires prompt implementation.. SUSE Security Update, Buffer Overflow, Important Security Advisory. . Severity: Important. LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.