ubuntu/+source/icu:ubuntu/precise-devel

Last commit made on 2017-03-13
Get this branch:
git clone -b ubuntu/precise-devel https://git.launchpad.net/ubuntu/+source/icu
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/precise-devel
Repository:
lp:ubuntu/+source/icu

Recent commits

d6c8175... by Marc Deslauriers on 2017-03-10

Import patches-unapplied version 4.8.1.1-3ubuntu0.7 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 14416c7b57c98266baaf894b06e5481258fc4acb

New changelog entries:
  * SECURITY UPDATE: Multiple security issues. Synchronize security fixes
    with Debian's 4.8.1.1-12+deb7u6 release. Thanks to Roberto C. Sanchez
    for the work this update is based on.
    - debian/patches/CVE-2014-9911.patch
    - debian/patches/CVE-2015-4844.patch
    - debian/patches/CVE-2016-0494.patch
    - debian/patches/CVE-2016-6293.patch
    - debian/patches/CVE-2016-7415.patch
    - CVE-2014-9911
    - CVE-2015-4844
    - CVE-2016-0494
    - CVE-2016-6293
    - CVE-2016-7415

14416c7... by Marc Deslauriers on 2015-09-11

Import patches-unapplied version 4.8.1.1-3ubuntu0.6 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 376c96530c546fe4ac4b4a16ce24f2e697cc74fe

New changelog entries:
  * SECURITY UPDATE: information disclosure via overflows
    - debian/patches/CVE-2015-2632.patch: properly calculate index in
      source/layout/Features.cpp, check for overflows in
      source/layout/LETableReference.h.
    - CVE-2015-2632
  * SECURITY UPDATE: denial of service and possible code execution via
    overflows
    - debian/patches/CVE-2015-4760.patch: check bounds in
      source/layout/ContextualGlyphInsertionProc2.cpp,
      source/layout/ContextualGlyphSubstProc.cpp,
      source/layout/ContextualGlyphSubstProc2.cpp,
      source/layout/IndicRearrangementProcessor.cpp,
      source/layout/IndicRearrangementProcessor2.cpp,
      use unsigned flags in source/layout/LigatureSubstProc.cpp,
      source/layout/StateTables.h, properly handle errors in
      source/layout/StateTableProcessor.cpp,
      source/layout/StateTableProcessor2.cpp.
    - CVE-2015-4760

376c965... by Marc Deslauriers on 2015-03-09

Import patches-unapplied version 4.8.1.1-3ubuntu0.5 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 53bd67c6601a86469ecf2aceb87231c3b20df8a5

New changelog entries:
  * SECURITY UPDATE: multiple issues via font file parsing (LP: #1429043)
    - debian/patches/layoutengine-security.patch: updated to fix ABI break
      and re-enabled.
    - debian/patches/CVE-2014-65xx.patch: re-enabled.
    - CVE-2013-1569
    - CVE-2013-2383
    - CVE-2013-2384
    - CVE-2013-2419
    - CVE-2014-6585
    - CVE-2014-6591

53bd67c... by Marc Deslauriers on 2015-03-06

Import patches-unapplied version 4.8.1.1-3ubuntu0.4 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: c5b7c5150f015b3e386226f323525766023aa293

New changelog entries:
  * SECURITY REGRESSION: libreoffice calc crash (LP: #1429043)
    - back out layoutengine-security.patch and CVE-2014-65xx.patch patches
      pending investigation.

c5b7c51... by Marc Deslauriers on 2015-03-04

Import patches-unapplied version 4.8.1.1-3ubuntu0.3 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 216cc9662eae210105a5202573d67c7050b16159

New changelog entries:
  * SECURITY UPDATE: multiple issues via incorrect font file parsing
    - debian/patches/layoutengine-security.patch: backport a whole new
      layout engine to source/layout/*, as provided by upstream.
    - CVE-2013-1569
    - CVE-2013-2383
    - CVE-2013-2384
    - CVE-2013-2419
  * SECURITY UPDATE: information disclosure via incorrect font file parsing
    - debian/patches/CVE-2014-65xx.patch: add checks to
      source/layout/ContextualSubstSubtables.cpp,
      source/layout/CursiveAttachmentSubtables.cpp,
      source/layout/Features.cpp,
      source/layout/LETableReference.h,
      source/layout/LigatureSubstSubtables.cpp,
      source/layout/MultipleSubstSubtables.cpp.
    - CVE-2014-6585
    - CVE-2014-6591
  * SECURITY UPDATE: denial of service or possible code execution in
    regular expressions
    - debian/patches/CVE-2014-7923.patch: add limits to
      source/i18n/regexcmp.cpp, add test to
      source/test/testdata/regextst.txt.
    - CVE-2014-7923
  * SECURITY UPDATE: denial of service or possible code execution in
    regular expressions
    - debian/patches/CVE-2014-7926.patch: fix incorrect optimization in
      source/i18n/regexcmp.cpp, fix comment in source/i18n/regexcmp.h,
      add test to source/test/testdata/regextst.txt.
    - CVE-2014-7926
  * SECURITY UPDATE: denial of service or possible code execution via
    uninitialized memory in the collator implementation
    - debian/patches/CVE-2014-7940.patch: properly handle memory in
      source/i18n/ucol.cpp.
    - CVE-2014-7940
  * SECURITY UPDATE: denial of service via incorrect pattern size limits
    - debian/patches/CVE-2014-9654.patch: fix case insensitive matches and
      check limits in source/common/unicode/utypes.h,
      source/common/utypes.c,
      source/i18n/regexcmp.cpp, source/i18n/regexcmp.h,
      source/i18n/regeximp.h, source/i18n/i18n.vcxproj.filters,
      source/i18n/unicode/regex.h, source/i18n/regeximp.cpp,
      source/i18n/rematch.cpp, source/i18n/i18n.vcxproj,
      source/i18n/Makefile.in, added tests to
      source/test/intltest/regextst.cpp, source/test/intltest/regextst.h,
      source/test/testdata/regextst.txt.
    - CVE-2014-9654
  * debian/rules: added cdbs autotools rule and adjust DEB_SRCDIR so test
    suite gets run during build.
  * debian/patches/two-digit-year-test.patch: fix test suite failure.

216cc96... by Marc Deslauriers on 2013-10-10

Import patches-unapplied version 4.8.1.1-3ubuntu0.1 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 1c87258afc980f65ffb179b094ef659660ef9367

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    race condition.
    - debian/patches/CVE-2013-0900.patch: fix thread safety issue in
      source/common/locid.cpp, source/common/unicode/locid.h.
    - CVE-2013-0900
  * SECURITY UPDATE: denial of service and possible code execution via
    use after free.
    - debian/patches/CVE-2013-2924.patch: check lengths in
      source/i18n/csrucode.cpp.
    - CVE-2013-2924

1c87258... by Jay Berkenbilt <email address hidden> on 2012-01-22

Import patches-unapplied version 4.8.1.1-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: bd0cc5e48c8d708da375b378d3eab56df0ea314f

New changelog entries:
  * Add patch to address CVE-2011-4599, a potential buffer overflow.
    (Closes: #654883)

bd0cc5e... by Jay Berkenbilt <email address hidden> on 2012-01-04

Import patches-unapplied version 4.8.1.1-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: abe05bf9bb8d77efa418744ae4fde02dcd7acc09

New changelog entries:
  * debian/patches/icudata-stdlibs.patch: Link stdlibs to libicudata so we
    get reasonably sane ELF headers on armhf. Thanks Adam Conrad
    <email address hidden>. (Closes: #653457)

abe05bf... by Jay Berkenbilt <email address hidden> on 2011-11-09

Import patches-unapplied version 4.8.1.1-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: f1bbac640961ea04d81366c70c1a0d5ccb531446

New changelog entries:
  * New upstream release
  * Add simple patch to define PATH_MAX when not defined. Not an ideal
    solution, but it will do for now. (Closes: #643661)

f1bbac6... by Jay Berkenbilt <email address hidden> on 2011-09-10

Import patches-unapplied version 4.8.1-2 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 6d56d65feec5f5f7fe42bf89cfa4fb0ef02b4cf8

New changelog entries:
  * Fix 64-bit kfreebsd configure problem. Thanks Petr Salinger.
    (Closes: #630517)