ubuntu/+source/icu:ubuntu/trusty-devel

Last commit made on 2018-03-28
Get this branch:
git clone -b ubuntu/trusty-devel https://git.launchpad.net/ubuntu/+source/icu
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/trusty-devel
Repository:
lp:ubuntu/+source/icu

Recent commits

9c1160d... by Marc Deslauriers on 2018-03-27

Import patches-unapplied version 52.1-3ubuntu0.8 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 57acf21508f5e2b4f438ffa3f32d6ae55790f558

New changelog entries:
  * SECURITY UPDATE: integer overflow in Persian Cal
    - debian/patches/CVE-2017-15422.patch: use int64_t math for one
      operation to avoid overflow, add tests in source/i18n/gregoimp.cpp,
      source/i18n/gregoimp.h, source/i18n/persncal.cpp,
      source/test/intltest/calregts.cpp, source/test/intltest/calregts.h.
    - CVE-2017-15422

57acf21... by Leonidas S. Barbosa on 2017-10-17

Import patches-unapplied version 52.1-3ubuntu0.7 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 57d20b2071efcbbdff31d7267daf0bf6e8607369

New changelog entries:
  * SECURITY UPDATE: double free
    - debian/patches/CVE-2017-14952.patch: fixes double free in
      createMetaZoneMappings() source/i18n/zonemeta.cpp.
    - CVE-2017-14952

57d20b2... by Marc Deslauriers on 2017-05-02

Import patches-unapplied version 52.1-3ubuntu0.6 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 9bfa0f9790a418e9fe60e74d0574728a3d0408d8

New changelog entries:
  * SECURITY UPDATE: out-of-bounds write in common/utext.cpp
    (LP: #1684298)
    - debian/patches/CVE-2017-786x.patch: properly handle chunk size in
      source/common/utext.cpp, added test to
      source/test/intltest/utxttest.cpp, source/test/intltest/utxttest.h.
    - CVE-2017-7867
    - CVE-2017-7868

9bfa0f9... by Marc Deslauriers on 2017-03-10

Import patches-unapplied version 52.1-3ubuntu0.5 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: eadfd663557325b173696bfecb6613edc03f4d84

New changelog entries:
  * SECURITY UPDATE: Multiple security issues. Synchronize security fixes
    with Debian's 52.1-8+deb8u4 release. Thanks to Laszlo Boszormenyi for
    the work this update is based on.
    - debian/patches/CVE-2014-9911.patch
    - debian/patches/CVE-2015-4844.patch
    - debian/patches/CVE-2016-0494.patch
    - debian/patches/CVE-2016-6293.patch
    - debian/patches/CVE-2016-7415.patch
    - CVE-2014-9911
    - CVE-2015-4844
    - CVE-2016-0494
    - CVE-2016-6293
    - CVE-2016-7415

eadfd66... by Marc Deslauriers on 2015-09-11

Import patches-unapplied version 52.1-3ubuntu0.4 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 236414676ed6a6e071613a17eaf1e590c7ce1eb0

New changelog entries:
  * SECURITY UPDATE: denial of service via mishandling of converter names
    with initial x- substrings
    - debian/patches/CVE-2015-1270.patch: fix logic in
      source/common/ucnv_io.cpp.
    - CVE-2015-1270
  * SECURITY UPDATE: information disclosure via overflows
    - debian/patches/CVE-2015-2632.patch: properly calculate index in
      source/layout/Features.cpp, check for overflows in
      source/layout/LETableReference.h.
    - CVE-2015-2632
  * SECURITY UPDATE: denial of service and possible code execution via
    overflows
    - debian/patches/CVE-2015-4760.patch: check bounds in
      source/layout/ContextualGlyphInsertionProc2.cpp,
      source/layout/ContextualGlyphSubstProc.cpp,
      source/layout/ContextualGlyphSubstProc2.cpp,
      source/layout/IndicRearrangementProcessor.cpp,
      source/layout/IndicRearrangementProcessor2.cpp,
      use unsigned flags in source/layout/LigatureSubstProc.cpp,
      source/layout/StateTables.h, properly handle errors in
      source/layout/StateTableProcessor.cpp,
      source/layout/StateTableProcessor2.cpp.
    - CVE-2015-4760

2364146... by Marc Deslauriers on 2015-05-08

Import patches-unapplied version 52.1-3ubuntu0.3 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: f4b3ee9de87c61aee132df13e7c47786c333361b

New changelog entries:
  * SECURITY UPDATE: heap overflow via incorrect isolateCount
    - debian/patches/CVE-2015-8146.patch: check for valid isolateCount in
      source/common/ubidi.c.
    - CVE-2015-8146
  * SECURITY UPDATE: integer overflow via incorrect state size
    - debian/patches/CVE-2015-8147.patch: change state to int32_t in
      source/common/ubidiimp.h.
    - CVE-2015-8147

f4b3ee9... by Marc Deslauriers on 2015-03-04

Import patches-unapplied version 52.1-3ubuntu0.2 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: beac7b9a31c33b81c627700a55415884eea3b7f0

New changelog entries:
  * SECURITY UPDATE: information disclosure via incorrect font file parsing
    - debian/patches/CVE-2014-65xx.patch: add checks to
      source/layout/ContextualSubstSubtables.cpp,
      source/layout/CursiveAttachmentSubtables.cpp,
      source/layout/Features.cpp,
      source/layout/LETableReference.h,
      source/layout/LigatureSubstSubtables.cpp,
      source/layout/MultipleSubstSubtables.cpp.
    - CVE-2014-6585
    - CVE-2014-6591
  * SECURITY UPDATE: denial of service or possible code execution in
    regular expressions
    - debian/patches/CVE-2014-7923.patch: add limits to
      source/i18n/regexcmp.cpp, add test to
      source/test/testdata/regextst.txt.
    - CVE-2014-7923
  * SECURITY UPDATE: denial of service or possible code execution in
    regular expressions
    - debian/patches/CVE-2014-7926.patch: fix incorrect optimization in
      source/i18n/regexcmp.cpp, fix comment in source/i18n/regexcmp.h,
      add test to source/test/testdata/regextst.txt.
    - CVE-2014-7926
  * SECURITY UPDATE: denial of service or possible code execution via
    uninitialized memory in the collator implementation
    - debian/patches/CVE-2014-7940.patch: properly handle memory in
      source/i18n/ucol.cpp.
    - CVE-2014-7940
  * SECURITY UPDATE: denial of service via incorrect pattern size limits
    - debian/patches/CVE-2014-9654.patch: check limits in
      source/common/unicode/utypes.h, source/common/utypes.c,
      source/i18n/regexcmp.cpp, source/i18n/regexcmp.h,
      source/i18n/regeximp.h, added test to
      source/test/intltest/regextst.cpp, source/test/intltest/regextst.h.
    - CVE-2014-9654
  * debian/patches/two-digit-year-test.patch: fix FTBFS caused by known
    test suite failure.

beac7b9... by Jay Berkenbilt <email address hidden> on 2013-12-24

Import patches-unapplied version 52.1-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: dab23cc1c299b562541aeafe317f6341647c2a18

New changelog entries:
  * Add package dependency information to assist with upgrades in Ubuntu.
    This eliminates the need for a delta on the Ubuntu version of the
    package.

dab23cc... by Jay Berkenbilt <email address hidden> on 2013-12-03

Import patches-unapplied version 52.1-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: bca64f62248b485635898e90518b5e45767c6851

New changelog entries:
  * Re-upload to unstable

bca64f6... by Jay Berkenbilt <email address hidden> on 2013-11-13

Import patches-unapplied version 52.1-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 93b35b05ddeaf9dddfd205332745b790d9cf0cdc

New changelog entries:
  * New upstream release
  * Standards version 3.9.5 (no changes required)