lp:ubuntu/intrepid-security/icu
- Get this branch:
- bzr branch lp:ubuntu/intrepid-security/icu
Branch merges
Branch information
Recent revisions
- 20. By Jamie Strandboge
-
* SECURITY UPDATE: fix improper handling of invalid byte sequences
during Unicode conversion
- debian/07-CVE- 2009-0153. patch: backported patch thanks to RedHat via
Debian
- 03-redhat.icu5797. patch, 04-redhat. icu6001. patch, and
05-redhat. icu6002. patch required for applying 07-CVE- 2009-0153. patch
with 06-CVE-2008-1036. patch needing adjustments. Patch from Debian.
- CVE-2009-0153 - 19. By Marc Deslauriers
-
* SECURITY UPDATE: Cross-site scripting attack via invalid character
sequences (LP: #341834)
- debian/patches/ 03-cve- 2008-1036. patch: Improve parsing logic in
source/common/ {ucnv2022. c,ucnv_ bld.*,ucnv. c,ucnvhz. c} to replace
invalid character sequences. Also, add test case to
source/test/{cintltst/ nucnvtst. c,testdata/ conversion. txt}.
- CVE-2008-1036 - 18. By Jay Berkenbilt <email address hidden>
-
* Patch from Harshula to fix split conjuncts problem in
Sinhala. (Closes: #483563)
* Force structures to be padded at byte boundaries (rather than 32-bit
boundaries) on arm. (Closes: #484138)
* Update doc-base section. - 17. By Jay Berkenbilt <email address hidden>
-
* New upstream release
* Patch to support GNU/kFreeBSD. Thanks Aurelien Jarno. (Closes: #
461782) - 16. By Jay Berkenbilt <email address hidden>
-
* Add debian/
patches/ 00-cve- 2007-4770- 4771.patch created from with
svn diff -c 23292 \
http://source. icu-project. org/repos/ icu/icu/ branches/ maint/maint- 3-8
to address the following security vulnerablilities:
- CVE-2007-4770: reference to non-existent capture group may
cause access to invalid memory
- CVE-2007-4771: buffer overflow in regexcmp.cpp
(Closes: #463688)
* Updated standards version to 3.7.3: no changes required. - 15. By Jay Berkenbilt <email address hidden>
-
Filter out extraneous dependencies among different versions of the
library packages. (Closes: #451767, 451978) - 14. By Jay Berkenbilt <email address hidden>
-
It appears that amd64 requires 32-bit libraries to be in
/emul/ia32-linux/usr/ lib instead of /usr/lib32. Following zlib's
example of moving them around for amd64 only. (Closes: #451495) - 13. By Jay Berkenbilt <email address hidden>
-
* Clean up 32-bit library patch to avoid excessive and unnecessary runs
of configure. (Closes: #447771)
* make setBreakType public in rbbi.h; needed by OpenOffice.org. This
patch is included in OpenOffice.org's internal ICU. Including it here
allows OpenOffice.org to continue to use this ICU package. Thanks
Rene Engelhard. (Closes: #448745)
* Rename debian/watch.not- yet to debian/no-watch so it won't get picked
up even though it's not supposed to. ICU's ftp site uses a structure
that isn't supported by uscan. (Closes: #449701) - 12. By Jay Berkenbilt <email address hidden>
-
Fix bug in which 32-bit library installs were overwriting files for
64-bit libraries on amd64. Thanks Robert Millan for the patch.
(Closes: #447275). - 11. By Jay Berkenbilt <email address hidden>
-
Include patch from Samuel Thibault to allow icu to build on gnu hurd.
(Closes: #414446)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/precise/icu