openSUSE has issued an advisory on May 25:
Mageia 5 and Mageia 6 are also affected.
The SUSE bug has more details:
Assigning to the registered maintainer.
Fedora has issued an advisory today (November 9):
The issue is fixed upstream in 64.1.
icu new security issue CVE-2017-17484 =>
icu new security issues CVE-2017-17484 and CVE-2018-18928Whiteboard:
RPM Packages =>
Re-assigning globally due to change to no specific maintainer.
Mga 6 is EOL and CVE-2017-17484 is already fixed in ICU 63.1.
MGA7TOO, MGA6TOO =>
icu new security issues CVE-2017-17484 and CVE-2018-18928 =>
icu new security issue CVE-2018-18928CC:
The updated packages fix a security vulnerability:
International Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp. (CVE-2018-18928)
Updated packages in core/updates_testing:
MGA7-64 Plasma on Lenovo B50
No installation issues.
Followed wiki, installed openttd and got as far asbuilding a bus station. Good enough for me.
Validating. Advisory in Comment 5.
An update for this issue has been pushed to the Mageia Updates repository.