Detections
Analytics

SUSE SLED15: icu.691 / icu.691-devel / icu.691-doc / libicu69 / libicu69-bedata / etc (SUSE-SU-2021:4063-1)

high Nessus Plugin ID 156089

Language:

Synopsis

The remote SUSE host is missing a security update.

Description

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:4063-1 advisory.

 - Renamed package from icu 69.1 for SUSE:SLE-15-SP3:Update. (jsc#SLE-17893)
 - Fix undefined behaviour in 'ComplexUnitsConverter::applyRounder'

 - Update to release 69.1
 - For Norwegian, 'no' is back to being the canonical code, with 'nb' treated as equivalent. This aligns handling of Norwegian with other macro language codes.
 - Binary prefixes in measurement units (KiB, MiB, etc.)
 - Time zone offsets from local time with new APIs.
 - Don't disable testsuite under 'qemu-linux-user'
 - Fixed an issue when ICU test on 'aarch64 fails. (bsc#1182645)
 - Drop 'SUSE_ASNEEDED' as the issue was in binutils. (bsc#1182252)
 - Fix 'pthread' dependency issue. (bsc#1182252)

 - Update to release 68.2
 - Fix memory problem in 'FormattedStringBuilder'
 - Fix assertion when 'setKeywordValue w/' long value.
 - Fix UBSan breakage on 8bit of rbbi
 - fix int32_t overflow in listFormat
 - Fix memory handling in MemoryPool::operator=()
 - Fix memory leak in AliasReplacer

 - Add back icu.keyring.
 - Update to release 68.1
 - PluralRules selection for ranges of numbers
 - Locale ID canonicalization now conforms to the CLDR spec including edge cases
 - DateIntervalFormat supports output options such as capitalization
 - Measurement units are normalized in skeleton string output
 - Time zone data (tzdata) version 2020d

 - Add the provides for libicu to Make .Net core can install successfully. (bsc#1167603, bsc#1161007)
 - Update to version 67.1
 - Unicode 13 (ICU-20893, same as in ICU 66)
 - Total of 5930 new characters
 - 4 new scripts
 - 55 new emoji characters, plus additional new sequences
 - New CJK extension, first characters in plane 3: U+30000..U+3134A
 - New language at Modern coverage: Nigerian Pidgin
 - New languages at Basic coverage: Fulah (Adlam), Maithili, Manipuri, Santali, Sindhi (Devanagari), Sundanese
 - Region containment: EU no longer includes GB
 - Unicode 13 root collation data and Chinese data for collation and transliteration
 - DateTimePatternGenerator now obeys the 'hc' preference in the locale identifier
 - Various other improvements for ECMA-402 conformance
 - Number skeletons have a new 'concise' form that can be used in MessageFormat strings
 - Currency formatting options for formal and other currency display name variants
 - ListFormatter: new public API to select the style & type
 - ListFormatter now selects the proper and/or form for Spanish & Hebrew.
 - Locale ID canonicalization upgraded to implement the complete CLDR spec.
 - LocaleMatcher: New option to ignore one-way matches
 - acceptLanguage() reimplemented via LocaleMatcher
 - Data build tool: tzdbNames.res moved from the 'zone_tree' category to the 'zone_supplemental' category
 - Fixed uses of u8'literals' broken by the C++20 introduction of the incompatible char8_t type
 - and added a few API overloads to reduce the need for reinterpret_cast.
 - Support for manipulating CLDR 37 unit identifiers in MeasureUnit.

 - Drop icu-versioning. (bsc#1159131)
 - Update to version 66.1
 - Unicode 13 support
 - Fix uses of u8'literals' broken by C++20 introduction of incompatible char8_t type.

 - Fixed an issue when Qt apps can't handle non-ASCII filesystem path. ([bsc#1162882)
 - Remove '/usr/lib(64)/icu/current'. (bsc#1158955)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1158955

https://bugzilla.suse.com/1159131

https://bugzilla.suse.com/1161007

https://bugzilla.suse.com/1162882

https://bugzilla.suse.com/1167603

https://bugzilla.suse.com/1182252

https://bugzilla.suse.com/1182645

http://www.nessus.org/u?d23d5ec5

Plugin Details

Severity: High

ID: 156089

File Name: suse_SU-2021-4063-1.nasl

Version: 1.4

Type: Local

Agent: unix

Published: 12/15/2021

Updated: 6/25/2026

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:libicu69-bedata, p-cpe:/a:novell:suse_linux:icu.691, p-cpe:/a:novell:suse_linux:libicu69-ledata, p-cpe:/a:novell:suse_linux:libicu69, p-cpe:/a:novell:suse_linux:icu.691-devel, p-cpe:/a:novell:suse_linux:icu.691-doc, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 12/14/2021

Vulnerability Publication Date: 12/14/2021

Reference Information

SuSE: SUSE-SU-2021:4063-1