[ubuntu/jaunty] icu 3.8.1-3ubuntu1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Fri Mar 27 14:30:12 GMT 2009


icu (3.8.1-3ubuntu1) jaunty; urgency=low

  * SECURITY UPDATE: Cross-site scripting attack via invalid character
    sequences (LP: #341834)
    - debian/patches/03-cve-2008-1036.patch: Improve parsing logic in
      source/common/{ucnv2022.c,ucnv_bld.*,ucnv.c,ucnvhz.c} to replace
      invalid character sequences. Also, add test case to
      source/test/{cintltst/nucnvtst.c,testdata/conversion.txt}.
    - CVE-2008-1036

Date: Wed, 25 Mar 2009 08:37:53 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Jamie Strandboge <jamie at ubuntu.com>
https://launchpad.net/ubuntu/jaunty/+source/icu/3.8.1-3ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 25 Mar 2009 08:37:53 -0400
Source: icu
Binary: libicu38 libicu38-dbg libicu-dev lib32icu38 lib32icu-dev icu-doc
Architecture: source
Version: 3.8.1-3ubuntu1
Distribution: jaunty
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 icu-doc    - API documentation for ICU classes and functions
 lib32icu-dev - Development files for International Components for Unicode (32-bi
 lib32icu38 - International Components for Unicode (32-bit)
 libicu-dev - Development files for International Components for Unicode
 libicu38   - International Components for Unicode
 libicu38-dbg - International Components for Unicode
Launchpad-Bugs-Fixed: 341834
Changes: 
 icu (3.8.1-3ubuntu1) jaunty; urgency=low
 .
   * SECURITY UPDATE: Cross-site scripting attack via invalid character
     sequences (LP: #341834)
     - debian/patches/03-cve-2008-1036.patch: Improve parsing logic in
       source/common/{ucnv2022.c,ucnv_bld.*,ucnv.c,ucnvhz.c} to replace
       invalid character sequences. Also, add test case to
       source/test/{cintltst/nucnvtst.c,testdata/conversion.txt}.
     - CVE-2008-1036
Checksums-Sha1: 
 9b6671af879619d63b2608f8e0599a77ed2dff89 1381 icu_3.8.1-3ubuntu1.dsc
 551ac1f400b1579ef7e09f9e43a6de263c1d5cb7 20674 icu_3.8.1-3ubuntu1.diff.gz
Checksums-Sha256: 
 48d4c1a96e115fd9fd075544b25c223d8e8ff4a04f42bca9fb0e89a0f1e9bbfc 1381 icu_3.8.1-3ubuntu1.dsc
 763e733e34a96c17a77c8401537cac449c0c7a13fb03c2e10d22a6bd6586ece7 20674 icu_3.8.1-3ubuntu1.diff.gz
Files: 
 3af022fbef246d123b885863a238683b 1381 libs optional icu_3.8.1-3ubuntu1.dsc
 6eaee6832fa4cf8f557a94643ca27793 20674 libs optional icu_3.8.1-3ubuntu1.diff.gz
Original-Maintainer: Jay Berkenbilt <qjb at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAknM4T8ACgkQW0JvuRdL8BpsAgCfashFJbtJ/ItDuap4D5ztK4JA
CkwAn3tFC8eGOEgHiG6ACLr+CaxUXfRj
=5JCP
-----END PGP SIGNATURE-----


More information about the Jaunty-changes mailing list