ELA-1461-1 icu security update

stack-based buffer overflow

2025-06-15
Packageicu
Version52.1-8+deb8u10 (jessie), 57.1-6+deb9u6 (stretch), 63.1-6+deb10u4 (buster)
Related CVEs CVE-2025-5222


A stack-based buffer overflow has been fixed in ICU, a C++ and C library for Unicode and Globalization support.



For Debian 10 buster, these problems have been fixed in version 63.1-6+deb10u4.

For Debian 8 jessie, these problems have been fixed in version 52.1-8+deb8u10.

For Debian 9 stretch, these problems have been fixed in version 57.1-6+deb9u6.

We recommend that you upgrade your icu packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.