[ubuntu/precise-security] icu 4.8.1.1-3ubuntu0.10 (Accepted)
Steve Langasek
steve.langasek at canonical.com
Mon May 3 12:45:16 UTC 2021
icu (4.8.1.1-3ubuntu0.10) precise-security; urgency=medium
* SECURITY UPDATE: Integer Overflow
- debian/patches/CVE-2020-10531.patch: adds a int32_t overflow
check when calculate a newLen in doReplace function in
source/common/unistr.cpp.
- CVE-2020-10531
icu (4.8.1.1-3ubuntu0.9) precise-security; urgency=medium
* SECURITY UPDATE: double free
- debian/patches/CVE-2017-14952.patch: fixes double free in
createMetaZoneMappings() source/i18n/zonemeta.cpp.
- CVE-2017-14952
icu (4.8.1.1-3ubuntu0.8) precise-security; urgency=medium
* SECURITY UPDATE: out of bounds write in common/utext.cpp
(LP: #1684298)
- debian/patches/CVE-2017-786x.patch: properly handle hunk size in
source/common/utext.cpp, added test to
source/test/intltest/utxttest.cpp, source/test/intltest/utxttest.h.
- debian/patches/CVE-2017-786x-additional.patch: this patch was originally
typed to debian Wheezy and applied here in order to adapt the original
fix to Precise. Thanks to Roberto C. Sànchez.
- CVE-2017-7867
- CVE-2017-7868
Date: 2020-03-16 18:14:26.164013+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Steve Langasek <steve.langasek at canonical.com>
https://launchpad.net/ubuntu/+source/icu/4.8.1.1-3ubuntu0.10
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list