UbuntuUpdates.org

Package "icu"

Name: icu

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Development utilities for International Components for Unicode
  • API documentation for ICU classes and functions
  • Development files for International Components for Unicode
  • International Components for Unicode

Latest version: 55.1-7ubuntu0.5
Release: xenial (16.04)
Level: security
Repository: main

Links



Other versions of "icu" in Xenial

Repository Area Version
base main 55.1-7
updates main 55.1-7ubuntu0.5

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 55.1-7ubuntu0.5 2020-03-17 14:06:26 UTC

  icu (55.1-7ubuntu0.5) xenial-security; urgency=medium

  * SECURITY UPDATE: Integer Overflow
    - debian/patches/CVE-2020-10531.patch: adds a int32_t overflow
      check when calculate a newLen in doReplace function in
      source/common/unistr.cpp.
    - CVE-2020-10531

 -- <email address hidden> (Leonidas S. Barbosa) Mon, 16 Mar 2020 15:23:15 -0300

Source diff to previous version
CVE-2020-10531 An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer ove

Version: 55.1-7ubuntu0.4 2018-03-28 21:06:51 UTC

  icu (55.1-7ubuntu0.4) xenial-security; urgency=medium

  * SECURITY UPDATE: integer overflow in Persian Cal
    - debian/patches/CVE-2017-15422.patch: use int64_t math for one
      operation to avoid overflow, add tests in source/i18n/gregoimp.cpp,
      source/i18n/gregoimp.h, source/i18n/persncal.cpp,
      source/test/intltest/calregts.cpp, source/test/intltest/calregts.h.
    - CVE-2017-15422

 -- Marc Deslauriers <email address hidden> Tue, 27 Mar 2018 11:09:09 -0400

Source diff to previous version
CVE-2017-15422 integer overflow in icu

Version: 55.1-7ubuntu0.3 2017-10-23 18:06:44 UTC

  icu (55.1-7ubuntu0.3) xenial-security; urgency=medium

  * SECURITY UPDATE: double free
    - debian/patches/CVE-2017-14952.patch: fixes double free in
      createMetaZoneMappings() source/i18n/zonemeta.cpp.
    - CVE-2017-14952

 -- <email address hidden> (Leonidas S. Barbosa) Tue, 17 Oct 2017 09:14:31 -0300

Source diff to previous version
CVE-2017-14952 Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary co

Version: 55.1-7ubuntu0.2 2017-05-02 20:07:00 UTC

  icu (55.1-7ubuntu0.2) xenial-security; urgency=medium

  * SECURITY UPDATE: out-of-bounds write in common/utext.cpp
    (LP: #1684298)
    - debian/patches/CVE-2017-786x.patch: properly handle chunk size in
      source/common/utext.cpp, added test to
      source/test/intltest/utxttest.cpp, source/test/intltest/utxttest.h.
    - CVE-2017-7867
    - CVE-2017-7868

 -- Marc Deslauriers <email address hidden> Tue, 02 May 2017 08:35:09 -0400

Source diff to previous version
1684298 Security issues (solved in Debian) - affecting icu52 in trusty
CVE-2017-7867 International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to t
CVE-2017-7868 International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to t

Version: 55.1-7ubuntu0.1 2017-03-13 17:06:45 UTC

  icu (55.1-7ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Multiple security issues. Synchronize security fixes
    with Debian's 52.1-8+deb8u4 release. Thanks to Laszlo Boszormenyi for
    the work this update is based on.
    - debian/patches/CVE-2015-4844.patch
    - debian/patches/CVE-2016-0494.patch
    - debian/patches/CVE-2016-6293.patch
    - debian/patches/CVE-2016-7415.patch
    - CVE-2015-4844
    - CVE-2016-0494
    - CVE-2016-6293
    - CVE-2016-7415

 -- Marc Deslauriers <email address hidden> Fri, 10 Mar 2017 11:29:45 -0500

CVE-2015-4844 Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...
CVE-2016-0494 Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows rem
CVE-2016-6293 The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that
CVE-2016-7415 Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remot



About   -   Send Feedback to @ubuntu_updates