Package: icu / 57.1-6+deb9u4

Metadata

Package Version Patches format
icu 57.1-6+deb9u4 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
icudata stdlibs.patch | (download)

source/config/mh-linux | 4 3 + 1 - 0 !
1 file changed, 3 insertions(+), 1 deletion(-)

---
gennorm2 man.patch | (download)

source/tools/gennorm2/Makefile.in | 20 17 + 3 - 0 !
source/tools/gennorm2/gennorm2.8.in | 71 71 + 0 - 0 !
2 files changed, 88 insertions(+), 3 deletions(-)

 supply manual page for program that doesn't have one
icuinfo man.patch | (download)

source/tools/icuinfo/Makefile.in | 24 20 + 4 - 0 !
source/tools/icuinfo/icuinfo.1.in | 76 76 + 0 - 0 !
2 files changed, 96 insertions(+), 4 deletions(-)

 supply manual page for program that doesn't have one
malayalam rendering.patch | (download)

source/layout/IndicReordering.cpp | 58 7 + 51 - 0 !
1 file changed, 7 insertions(+), 51 deletions(-)

 revert change that broke malayam rendering
indic ccmp.patch | (download)

source/layout/IndicReordering.cpp | 6 5 + 1 - 0 !
1 file changed, 5 insertions(+), 1 deletion(-)

 support ccmp for indic
CVE 2014 6585.patch | (download)

source/layout/LETableReference.h | 7 6 + 1 - 0 !
1 file changed, 6 insertions(+), 1 deletion(-)

 out-of-bounds read
CVE 2015 4760.patch | (download)

source/layout/ContextualGlyphInsertionProc2.cpp | 8 8 + 0 - 0 !
source/layout/ContextualGlyphSubstProc.cpp | 8 8 + 0 - 0 !
source/layout/ContextualGlyphSubstProc2.cpp | 16 12 + 4 - 0 !
source/layout/IndicRearrangementProcessor.cpp | 5 5 + 0 - 0 !
source/layout/IndicRearrangementProcessor2.cpp | 5 5 + 0 - 0 !
source/layout/LigatureSubstProc.cpp | 2 1 + 1 - 0 !
source/layout/StateTableProcessor.cpp | 1 1 + 0 - 0 !
source/layout/StateTableProcessor2.cpp | 4 4 + 0 - 0 !
source/layout/StateTables.h | 2 1 + 1 - 0 !
9 files changed, 45 insertions(+), 6 deletions(-)

 missing boundary checks in layout engine
 It was discovered that ICU Layout Engine was missing multiple boundary checks.
 These could lead to buffer overflows and memory corruption.  A specially
 crafted file could cause an application using ICU to parse untrusted font
 files to crash and, possibly, execute arbitrary code.
hurd fix.diff | (download)

source/tools/toolutil/udbgutil.cpp | 2 0 + 2 - 0 !
1 file changed, 2 deletions(-)

---
CVE 2016 0494.patch | (download)

source/layout/IndicRearrangementProcessor.cpp | 6 3 + 3 - 0 !
source/layout/IndicRearrangementProcessor.h | 4 2 + 2 - 0 !
source/layout/IndicRearrangementProcessor2.cpp | 6 3 + 3 - 0 !
source/layout/IndicRearrangementProcessor2.h | 4 2 + 2 - 0 !
source/runConfigureICU | 4 2 + 2 - 0 !
5 files changed, 12 insertions(+), 12 deletions(-)

 arrange font actions
CVE 2016 6293.patch | (download)

source/common/uloc.cpp | 102 32 + 70 - 0 !
source/test/cintltst/cloctst.c | 56 40 + 16 - 0 !
2 files changed, 72 insertions(+), 86 deletions(-)

---
CVE 2016 7415.patch | (download)

source/common/locid.cpp | 86 48 + 38 - 0 !
source/test/intltest/numfmtst.cpp | 3 2 + 1 - 0 !
2 files changed, 50 insertions(+), 39 deletions(-)

---
CVE 2017 7867_CVE 2017 7868.patch | (download)

source/common/utext.cpp | 27 22 + 5 - 0 !
source/test/intltest/utxttest.cpp | 62 62 + 0 - 0 !
source/test/intltest/utxttest.h | 1 1 + 0 - 0 !
3 files changed, 85 insertions(+), 5 deletions(-)

---
CVE 2017 14952.patch | (download)

source/i18n/zonemeta.cpp | 1 0 + 1 - 0 !
1 file changed, 1 deletion(-)

---
CVE 2017 15422.patch | (download)

source/i18n/gregoimp.cpp | 5 5 + 0 - 0 !
source/i18n/gregoimp.h | 11 11 + 0 - 0 !
source/i18n/persncal.cpp | 2 1 + 1 - 0 !
source/test/intltest/calregts.cpp | 32 32 + 0 - 0 !
source/test/intltest/calregts.h | 1 1 + 0 - 0 !
5 files changed, 50 insertions(+), 1 deletion(-)

---
pkgdata crash.patch | (download)

source/common/unicode/localpointer.h | 13 5 + 8 - 0 !
1 file changed, 5 insertions(+), 8 deletions(-)

 [patch] icu-12531 add null check for closefunction

X-SVN-Rev: 38757

ICU 13634.patch | (download)

source/common/putil.cpp | 24 24 + 0 - 0 !
source/common/putilimp.h | 26 26 + 0 - 0 !
source/test/cintltst/putiltst.c | 14 14 + 0 - 0 !
3 files changed, 64 insertions(+)

 [patch] icu-13634 adding integer overflow logic to icu4c number
 pipeline in places where it is in ICU4J.

X-SVN-Rev: 41136

CVE 2020 10531.patch | (download)

source/common/unistr.cpp | 6 5 + 1 - 0 !
1 file changed, 5 insertions(+), 1 deletion(-)

 [patch] icu-20958 prevent segv_maperr in append

See #971