14 DAY TRIAL // Canonical published details about ICU vulnerabilities which has been found and fixed in Ubuntu 14.10, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS. This update comes with repairs for a number of problems and various exploits.
Maintainers for the Ubuntu system have upgraded the ICU packages in the repositories. As usual, it would be a good idea to upgrade the system as soon as possible and not only for this kind of vulnerabilities. As it turns out, ICU could have been made to crash or run programs.
"It was discovered that ICU incorrectly handled memory operations when processing regular expressions. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program," reads the security notice.
This is just one of the vulnerabilities identified and corrected. For a more detailed description of the problems, you can see Canonical's security notification. Users have been advised to upgrade their systems as soon as possible.
The flaws can be fixed if you upgrade your system to the latest libicu52 packages specific to each distribution. To apply the patch, users will have to run the Update Manager application. In general, a standard system update will make all the necessary changes and there is no need for a restart.