The Google Chrome Security Team discovered two issues (a race condition and a use-after-free issue) in the International Components for Unicode (ICU) library.

For the oldstable distribution (squeeze), these problems have been fixed in version 4.4.1-8+squeeze2. For the stable distribution (wheezy), which is only affected by CVE-2013-2924 , this problem has been fixed in version 4.8.1.1-12+deb7u1. For the testing distribution (jessie), which is only affected by CVE-2013-2924 , this problem will be fixed soon. For the unstable distribution (sid), which is only affected by CVE-2013-2924 , this problem has been fixed in version 4.8.1.1-13+nmu1. We recommend that you upgrade your icu packages.

ICU is a C++ and C library that provides robust and full-featured Unicode and locale support.

icu on Debian Linux

This check tests the installed software version using the apt package manager.

• http://www.debian.org/security/2013/dsa-2786.html

---

Updated on 2015-03-25