-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2786-1 security@xxxxxxxxxx http://www.debian.org/security/ Michael Gilbert October 27, 2013 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : icu Vulnerability : several Problem type : remote Debian-specific: no CVE ID : CVE-2013-0900 CVE-2013-2924 Debian Bug : 702346 726477 The Google Chrome Security Team discovered two issues (a race condition and a use-after-free issue) in the International Components for Unicode (ICU) library. For the oldstable distribution (squeeze), these problems have been fixed in version 4.4.1-8+squeeze2. For the stable distribution (wheezy), which is only affected by CVE-2013-2924, this problem has been fixed in version 4.8.1.1-12+deb7u1. For the testing distribution (jessie), which is only affected by CVE-2013-2924, this problem will be fixed soon. For the unstable distribution (sid), which is only affected by CVE-2013-2924, this problem has been fixed in version 4.8.1.1-13+nmu1. We recommend that you upgrade your icu packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) iQQcBAEBCgAGBQJSbYO5AAoJELjWss0C1vRzCO0f/2f0LJGu/BNl9fTFUAcG75j+ MmY927JqeOgQxbglH5CK/Rj8m+FCKE9D9Ak8ac4odA3R6AlIja4sQWHuiXJFTxP8 ZEJSmfrSS/dcolts3rBRxQOomQcIy6HrcXllmSn5q6GHjOkyykjRXGkVlfpcU98X hBrCu4dzgzgIglUC61Esmfd3qiw7R7ZVik+obKniRTgDkxX+piAaTsQpGGKoRoA2 NDwbHil2iIcpQ7o/HYrhxTPLDzgrN0/wsSJpCEYVlIp+WwSk3ZZOqB8/P+lL7lpx xDhq9HVxyicQsisrNZMSU7lq5GEtHzN5krVEfCCmbjLsosuJWwu7vgS2Dbpm91Z+ AtpTjBSwj1r85+lKy5vsYbETrX6N9EAWV8Pav+NbBzLGCofWdVlFw3aQM49I7geq ADuV00toYV/XLeEWd/Foz5FuxHU9TKX/gkMkNkqpGCcXQ58PMnKOJMRV6SEB8Sem sipq9CIbxi60dKQCgn+TkvRfULHNAhlzR4V0MG8Xr4ev26pvWQgoWDAA/kVg6AUr 64Cb+t5mHWllj93/+C34sAnRosNUJBRBTwuW4azL5fczh1YW4FiJ8SZPh8mOG+iA VoYrQhv/+tUdb5cYtog4QXMLLV0Ai6SM5OioGdZSLSLaMw2Y4mdD3S4WiPZmOZEY ITihdQzTX1VlqO8nYpE/zTcb9z4CIaFyoENLUe0G6F6aNGYcRsS0ZdX+IFY/KsBC s2eHaVnF1Vv2CWmi9ml9svunnf4szCbJ8VBsoMhahsfTntuo6pbeVj66I3CUGYuY Buc6Eoygzsl4MeD0fmYOMEAmMLvcA0Ehp/PJxyXFd/dJoV46cNuWz7HaqNH/5qa6 hDjhUb1SnmuFbh7FuLhr6EhujJiSy9SNVfMGojnThpH2sEFa66PAW+gXi3BkfwV7 jFU52Mc0fIL+ZHsvkWEXuz7Ha5NfCYmG50p9esyKMlAPXJ7EVwfBy02Dqzvyyy1n g+wAtLtvo7oicjTDsuJ7sGuQGzJaME0zt26Q0OVHA+lJnh/KzcWO2LFoYk/Fpv3N sjGwi/ge7hJiqcXvzbYGRgTlb6E0z/1e85DePrkha/a8zUCdJFDm8SqRfssqvdE5 QKnM63XvoDdIjO958yQa614D1UQ4f4ey0/iKdXa/NwbackMgPKBCllzkU/B5tVc/ LDeIGK5d355nWCBLt2AZ+V7N+taaKHdjmtpPStdT65QRKuXt2xIIJzJ4jWBc+p0F Vnh9lqBJDmHd6R3zTQKas25rCQyoB1Lfv74ANouAK1prgfdeEzVawmE+W1h6l6P1 OVAj7tjOrNq0xEli+B2iFMJG/6Q7VC8siCBQdHZYqWfMS21QIQj11PEcQHP7HFA= =WhFc -----END PGP SIGNATURE-----
