ubuntu/+source/icu:applied/ubuntu/vivid-security

Last commit made on 2015-09-16
Get this branch:
git clone -b applied/ubuntu/vivid-security https://git.launchpad.net/ubuntu/+source/icu
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/vivid-security
Repository:
lp:ubuntu/+source/icu

Recent commits

483fcb0... by Marc Deslauriers on 2015-09-11

Import patches-applied version 52.1-8ubuntu0.2 to applied/ubuntu/vivid-security

Imported using git-ubuntu import.

Changelog parent: d0c3554ac2d92a8f29ce1c63828c1b2a43762740
Unapplied parent: 0afcc8ba7f1a807eaa15100c36441291b2b0d88d

New changelog entries:
  * SECURITY UPDATE: denial of service via mishandling of converter names
    with initial x- substrings
    - debian/patches/CVE-2015-1270.patch: fix logic in
      source/common/ucnv_io.cpp.
    - CVE-2015-1270
  * SECURITY UPDATE: information disclosure via overflows
    - debian/patches/CVE-2015-2632.patch: properly calculate index in
      source/layout/Features.cpp, check for overflows in
      source/layout/LETableReference.h.
    - CVE-2015-2632
  * SECURITY UPDATE: denial of service and possible code execution via
    overflows
    - debian/patches/CVE-2015-4760.patch: check bounds in
      source/layout/ContextualGlyphInsertionProc2.cpp,
      source/layout/ContextualGlyphSubstProc.cpp,
      source/layout/ContextualGlyphSubstProc2.cpp,
      source/layout/IndicRearrangementProcessor.cpp,
      source/layout/IndicRearrangementProcessor2.cpp,
      use unsigned flags in source/layout/LigatureSubstProc.cpp,
      source/layout/StateTables.h, properly handle errors in
      source/layout/StateTableProcessor.cpp,
      source/layout/StateTableProcessor2.cpp.
    - CVE-2015-4760

0afcc8b... by Marc Deslauriers on 2015-09-11

fix denial of service and possible code execution via overflows

Gbp-Pq: CVE-2015-4760.patch.

25b5f3c... by Marc Deslauriers on 2015-09-11

fix information disclosure via overflows

Gbp-Pq: CVE-2015-2632.patch.

d3d6675... by Marc Deslauriers on 2015-09-11

fix denial of service via mishandling of converter names

Gbp-Pq: CVE-2015-1270.patch.

97c9cb1... by Marc Deslauriers on 2015-09-11

fix integer overflow via incorrect state size

Gbp-Pq: CVE-2015-8147.patch.

0768b7a... by Marc Deslauriers on 2015-09-11

fix heap overflow via incorrect isolateCount

Gbp-Pq: CVE-2015-8146.patch.

0a1b63f... by Marc Deslauriers on 2015-09-11

CVE-2014-9654.patch

No DEP3 Subject or Description header found

Gbp-Pq: CVE-2014-9654.patch.

080d914... by Marc Deslauriers on 2015-09-11

CVE-2014-7940.patch

No DEP3 Subject or Description header found

Gbp-Pq: CVE-2014-7940.patch.

73ffd6a... by Marc Deslauriers on 2015-09-11

CVE-2014-7923+7926.patch

No DEP3 Subject or Description header found

Gbp-Pq: CVE-2014-7923+7926.patch.

7c91646... by Marc Deslauriers on 2015-09-11

fix ICU font parsing problem

Gbp-Pq: CVE-2014-6591.patch.