Ubuntu
icu package

lp:ubuntu/intrepid-security/icu

  1. Intrepid (8.10)
  2. intrepid-security
Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp:ubuntu/intrepid-security/icu
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Development

Recent revisions

20. By Jamie Strandboge

* SECURITY UPDATE: fix improper handling of invalid byte sequences
  during Unicode conversion
  - debian/07-CVE-2009-0153.patch: backported patch thanks to RedHat via
    Debian
  - 03-redhat.icu5797.patch, 04-redhat.icu6001.patch, and
    05-redhat.icu6002.patch required for applying 07-CVE-2009-0153.patch
    with 06-CVE-2008-1036.patch needing adjustments. Patch from Debian.
  - CVE-2009-0153

19. By Marc Deslauriers

* SECURITY UPDATE: Cross-site scripting attack via invalid character
  sequences (LP: #341834)
  - debian/patches/03-cve-2008-1036.patch: Improve parsing logic in
    source/common/{ucnv2022.c,ucnv_bld.*,ucnv.c,ucnvhz.c} to replace
    invalid character sequences. Also, add test case to
    source/test/{cintltst/nucnvtst.c,testdata/conversion.txt}.
  - CVE-2008-1036

18. By Jay Berkenbilt <email address hidden>

* Patch from Harshula to fix split conjuncts problem in
  Sinhala. (Closes: #483563)
* Force structures to be padded at byte boundaries (rather than 32-bit
  boundaries) on arm. (Closes: #484138)
* Update doc-base section.

17. By Jay Berkenbilt <email address hidden>

* New upstream release
* Patch to support GNU/kFreeBSD. Thanks Aurelien Jarno. (Closes: #
  461782)

16. By Jay Berkenbilt <email address hidden>

* Add debian/patches/00-cve-2007-4770-4771.patch created from with
  svn diff -c 23292 \
  http://source.icu-project.org/repos/icu/icu/branches/maint/maint-3-8
  to address the following security vulnerablilities:
   - CVE-2007-4770: reference to non-existent capture group may
     cause access to invalid memory
   - CVE-2007-4771: buffer overflow in regexcmp.cpp
  (Closes: #463688)
* Updated standards version to 3.7.3: no changes required.

15. By Jay Berkenbilt <email address hidden>

Filter out extraneous dependencies among different versions of the
library packages. (Closes: #451767, 451978)

14. By Jay Berkenbilt <email address hidden>

It appears that amd64 requires 32-bit libraries to be in
/emul/ia32-linux/usr/lib instead of /usr/lib32. Following zlib's
example of moving them around for amd64 only. (Closes: #451495)

13. By Jay Berkenbilt <email address hidden>

* Clean up 32-bit library patch to avoid excessive and unnecessary runs
  of configure. (Closes: #447771)
* make setBreakType public in rbbi.h; needed by OpenOffice.org. This
  patch is included in OpenOffice.org's internal ICU. Including it here
  allows OpenOffice.org to continue to use this ICU package. Thanks
  Rene Engelhard. (Closes: #448745)
* Rename debian/watch.not-yet to debian/no-watch so it won't get picked
  up even though it's not supposed to. ICU's ftp site uses a structure
  that isn't supported by uscan. (Closes: #449701)

12. By Jay Berkenbilt <email address hidden>

Fix bug in which 32-bit library installs were overwriting files for
64-bit libraries on amd64. Thanks Robert Millan for the patch.
(Closes: #447275).

11. By Jay Berkenbilt <email address hidden>

Include patch from Samuel Thibault to allow icu to build on gnu hurd.
(Closes: #414446)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/precise/icu
This branch contains Public information 
Everyone can see this information.

Subscribers