it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Michael Gilbert <mgilbert AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 2786-1] icu security update
- Date: Sun, 27 Oct 2013 17:12:42 -0400
- List-archive: <https://service.piratenpartei.de/pipermail/it-securitynotifies>
- List-id: Sicherheitsankündigungen <it-securitynotifies.lists.piratenpartei.de>
- Old-return-path: <gilbert AT psidef.org>
- Priority: urgent
- Resent-date: Sun, 27 Oct 2013 21:13:17 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <EGACDAhImOE.A.2sD.tHYbSB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-2786-1 security AT debian.org
http://www.debian.org/security/ Michael Gilbert
October 27, 2013 http://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : icu
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-0900 CVE-2013-2924
Debian Bug : 702346 726477
The Google Chrome Security Team discovered two issues (a race condition
and a use-after-free issue) in the International Components for Unicode
(ICU) library.
For the oldstable distribution (squeeze), these problems have been fixed
in version 4.4.1-8+squeeze2.
For the stable distribution (wheezy), which is only affected by
CVE-2013-2924, this problem has been fixed in version 4.8.1.1-12+deb7u1.
For the testing distribution (jessie), which is only affected by
CVE-2013-2924, this problem will be fixed soon.
For the unstable distribution (sid), which is only affected by
CVE-2013-2924, this problem has been fixed in version 4.8.1.1-13+nmu1.
We recommend that you upgrade your icu packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
iQQcBAEBCgAGBQJSbYO5AAoJELjWss0C1vRzCO0f/2f0LJGu/BNl9fTFUAcG75j+
MmY927JqeOgQxbglH5CK/Rj8m+FCKE9D9Ak8ac4odA3R6AlIja4sQWHuiXJFTxP8
ZEJSmfrSS/dcolts3rBRxQOomQcIy6HrcXllmSn5q6GHjOkyykjRXGkVlfpcU98X
hBrCu4dzgzgIglUC61Esmfd3qiw7R7ZVik+obKniRTgDkxX+piAaTsQpGGKoRoA2
NDwbHil2iIcpQ7o/HYrhxTPLDzgrN0/wsSJpCEYVlIp+WwSk3ZZOqB8/P+lL7lpx
xDhq9HVxyicQsisrNZMSU7lq5GEtHzN5krVEfCCmbjLsosuJWwu7vgS2Dbpm91Z+
AtpTjBSwj1r85+lKy5vsYbETrX6N9EAWV8Pav+NbBzLGCofWdVlFw3aQM49I7geq
ADuV00toYV/XLeEWd/Foz5FuxHU9TKX/gkMkNkqpGCcXQ58PMnKOJMRV6SEB8Sem
sipq9CIbxi60dKQCgn+TkvRfULHNAhlzR4V0MG8Xr4ev26pvWQgoWDAA/kVg6AUr
64Cb+t5mHWllj93/+C34sAnRosNUJBRBTwuW4azL5fczh1YW4FiJ8SZPh8mOG+iA
VoYrQhv/+tUdb5cYtog4QXMLLV0Ai6SM5OioGdZSLSLaMw2Y4mdD3S4WiPZmOZEY
ITihdQzTX1VlqO8nYpE/zTcb9z4CIaFyoENLUe0G6F6aNGYcRsS0ZdX+IFY/KsBC
s2eHaVnF1Vv2CWmi9ml9svunnf4szCbJ8VBsoMhahsfTntuo6pbeVj66I3CUGYuY
Buc6Eoygzsl4MeD0fmYOMEAmMLvcA0Ehp/PJxyXFd/dJoV46cNuWz7HaqNH/5qa6
hDjhUb1SnmuFbh7FuLhr6EhujJiSy9SNVfMGojnThpH2sEFa66PAW+gXi3BkfwV7
jFU52Mc0fIL+ZHsvkWEXuz7Ha5NfCYmG50p9esyKMlAPXJ7EVwfBy02Dqzvyyy1n
g+wAtLtvo7oicjTDsuJ7sGuQGzJaME0zt26Q0OVHA+lJnh/KzcWO2LFoYk/Fpv3N
sjGwi/ge7hJiqcXvzbYGRgTlb6E0z/1e85DePrkha/a8zUCdJFDm8SqRfssqvdE5
QKnM63XvoDdIjO958yQa614D1UQ4f4ey0/iKdXa/NwbackMgPKBCllzkU/B5tVc/
LDeIGK5d355nWCBLt2AZ+V7N+taaKHdjmtpPStdT65QRKuXt2xIIJzJ4jWBc+p0F
Vnh9lqBJDmHd6R3zTQKas25rCQyoB1Lfv74ANouAK1prgfdeEzVawmE+W1h6l6P1
OVAj7tjOrNq0xEli+B2iFMJG/6Q7VC8siCBQdHZYqWfMS21QIQj11PEcQHP7HFA=
=WhFc
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST AT lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster AT lists.debian.org
Archive: E1VaXda-00066B-8q AT alpha.psidef.org">http://lists.debian.org/E1VaXda-00066B-8q AT alpha.psidef.org
- [IT-SecNots] [SECURITY] [DSA 2786-1] icu security update, Michael Gilbert, 27.10.2013
Archiv bereitgestellt durch MHonArc 2.6.19.