[ubuntu/precise-updates] icu 4.8.1.1-3ubuntu0.6 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed Sep 16 17:28:22 UTC 2015
icu (4.8.1.1-3ubuntu0.6) precise-security; urgency=medium
* SECURITY UPDATE: information disclosure via overflows
- debian/patches/CVE-2015-2632.patch: properly calculate index in
source/layout/Features.cpp, check for overflows in
source/layout/LETableReference.h.
- CVE-2015-2632
* SECURITY UPDATE: denial of service and possible code execution via
overflows
- debian/patches/CVE-2015-4760.patch: check bounds in
source/layout/ContextualGlyphInsertionProc2.cpp,
source/layout/ContextualGlyphSubstProc.cpp,
source/layout/ContextualGlyphSubstProc2.cpp,
source/layout/IndicRearrangementProcessor.cpp,
source/layout/IndicRearrangementProcessor2.cpp,
use unsigned flags in source/layout/LigatureSubstProc.cpp,
source/layout/StateTables.h, properly handle errors in
source/layout/StateTableProcessor.cpp,
source/layout/StateTableProcessor2.cpp.
- CVE-2015-4760
Date: 2015-09-11 17:01:12.515101+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/icu/4.8.1.1-3ubuntu0.6
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list