icu was updated to fix two security issues. These security issues were fixed: - CVE-2014-8147: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode used an integer data type that is inconsistent with a header file, which allowed remote attackers to cause a denial of service or possibly execute arbitrary code via crafted text . - CVE-2014-8146: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode did not properly track directionally isolated pieces of text, which allowed remote attackers to cause a denial of service or possibly execute arbitrary code via crafted text .