It was discovered that icu, the internal components for Unicode, did not properly sanitise invalid encoded data, which could lead to crosssite scripting attacks. For the oldstable distribution (etch), this problem has been fixed in version 3.6-2etch2. For the stable distribution (lenny), this problem has been fixed in version 3.8.1-3+lenny1. For the testing distribution (squeeze) and the unstable distribution (sid), this problem has been fixed in version 4.0.1-1. We recommend that you upgrade your icu packages.
It was discovered that icu, the internal components for Unicode, did not properly sanitise invalid encoded data, which could lead to crosssite scripting attacks.
For the oldstable distribution (etch), this problem has been fixed in version 3.6-2etch4.
For the stable distribution (lenny), this problem has been fixed in version 3.8.1-3+lenny1.
For the testing distribution (squeeze) and the unstable distribution (sid), this problem has been fixed in version 4.0.1-1.
We recommend that you upgrade your icu packages.
MD5 checksums of the listed files are available in the original advisory.