-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : icu Version : 4.8.1.1-12+deb7u7 CVE ID : CVE-2017-7867 CVE-2017-7868
It was discovered that icu, the International Components for Unicode library, did not correctly validate its input. An attacker could use this problem to trigger an out-of-bound write through a heap-based buffer overflow, thus causing a denial of service via application crash, or potential execution of arbitrary code. For Debian 7 "Wheezy", these problems have been fixed in version 4.8.1.1-12+deb7u7. We recommend that you upgrade your icu packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQJ8BAEBCgBmBQJZIFKWXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5 NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHorgP+wZH2v1B0YD5jMHKPfKdxnfN mZFLaQZbOkCwLummkKQRHiLb1JdAIt+B+roO6T0aFLtB+7lmls1kS6izqtXLPt4U XTeTfBi/0aYDR7W5/aYeMbh7yx5znakvPz2PLHjuXFg8rl2a5QY9sh5AqjX6LcHr G5HQMqeAj32ZdVAv3j5HjGg0dY2XKyS/hKgwK+AaBKo558WwzddSOmeqhG1cIuAA vAuhy2aAUUfoGUkjP+FrA74dywGwq34AWBYjvvO7KEZhFRkXYZkfXhQfu3vjU7v8 84CIqyVD6C+VIvPtBoM5Y2f7tehDELYvL23DY+wocRRAAF5LYc8CfOWWjZmOi7/j M4EK6x4FbgV4CWdJgv+vCrXhWRykoSr1+DMQbg7311mtzczGMw94FcSGpin47Szu zQQA1KzAP875zlA4b1bBBmZ5WgEtloiK2HWAiNJOoYMin5im6X4x4CK/s1qiDMHB jlosraK8atZ+MHbpUR56W31SlOlbGq9r0cGmsdXmfIEH98kKjLBX/EcQBmcudPMp pzBUUrQF7UI34z+gywPudMSWqG+cQ03QdkXRaY1c9v2KwUxl+qQM6aU61/6aecLx yZRRQTZywECva3GsYZvqWDwY/FMm0YZYPBfkDQuxEEnkgefWTWYMkU/9SDrB8t0a 1woxVolRqlBbAfjBOhQj =0Afw -----END PGP SIGNATURE-----
