Package "libicu48-dbg"
Name: |
libicu48-dbg
|
Description: |
International Components for Unicode
|
Latest version: |
4.8.1.1-3ubuntu0.10 |
Release: |
precise (12.04) |
Level: |
security |
Repository: |
main |
Head package: |
icu |
Homepage: |
http://www.icu-project.org |
Links
Download "libicu48-dbg"
Other versions of "libicu48-dbg" in Precise
Changelog
icu (4.8.1.1-3ubuntu0.10) precise-security; urgency=medium
* SECURITY UPDATE: Integer Overflow
- debian/patches/CVE-2020-10531.patch: adds a int32_t overflow
check when calculate a newLen in doReplace function in
source/common/unistr.cpp.
- CVE-2020-10531
-- <email address hidden> (Leonidas S. Barbosa) Mon, 16 Mar 2020 14:05:37 -0300
|
Source diff to previous version |
CVE-2020-10531 |
An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer ove |
|
icu (4.8.1.1-3ubuntu0.7) precise-security; urgency=medium
* SECURITY UPDATE: Multiple security issues. Synchronize security fixes
with Debian's 4.8.1.1-12+deb7u6 release. Thanks to Roberto C. Sanchez
for the work this update is based on.
- debian/patches/CVE-2014-9911.patch
- debian/patches/CVE-2015-4844.patch
- debian/patches/CVE-2016-0494.patch
- debian/patches/CVE-2016-6293.patch
- debian/patches/CVE-2016-7415.patch
- CVE-2014-9911
- CVE-2015-4844
- CVE-2016-0494
- CVE-2016-6293
- CVE-2016-7415
-- Marc Deslauriers <email address hidden> Fri, 10 Mar 2017 11:43:22 -0500
|
Source diff to previous version |
CVE-2014-9911 |
Stack-based buffer overflow in the ures_getByKeyWithFallback function in common/uresbund.cpp in International Components for Unicode (ICU) before 54. |
CVE-2015-4844 |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ... |
CVE-2016-0494 |
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows rem |
CVE-2016-6293 |
The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that |
CVE-2016-7415 |
Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remot |
|
icu (4.8.1.1-3ubuntu0.6) precise-security; urgency=medium
* SECURITY UPDATE: information disclosure via overflows
- debian/patches/CVE-2015-2632.patch: properly calculate index in
source/layout/Features.cpp, check for overflows in
source/layout/LETableReference.h.
- CVE-2015-2632
* SECURITY UPDATE: denial of service and possible code execution via
overflows
- debian/patches/CVE-2015-4760.patch: check bounds in
source/layout/ContextualGlyphInsertionProc2.cpp,
source/layout/ContextualGlyphSubstProc.cpp,
source/layout/ContextualGlyphSubstProc2.cpp,
source/layout/IndicRearrangementProcessor.cpp,
source/layout/IndicRearrangementProcessor2.cpp,
use unsigned flags in source/layout/LigatureSubstProc.cpp,
source/layout/StateTables.h, properly handle errors in
source/layout/StateTableProcessor.cpp,
source/layout/StateTableProcessor2.cpp.
- CVE-2015-4760
-- Marc Deslauriers Fri, 11 Sep 2015 09:29:59 -0400
|
Source diff to previous version |
CVE-2015-2632 |
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D. |
CVE-2015-4760 |
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via u |
|
icu (4.8.1.1-3ubuntu0.5) precise-security; urgency=medium
* SECURITY UPDATE: multiple issues via font file parsing (LP: #1429043)
- debian/patches/layoutengine-security.patch: updated to fix ABI break
and re-enabled.
- debian/patches/CVE-2014-65xx.patch: re-enabled.
- CVE-2013-1569
- CVE-2013-2383
- CVE-2013-2384
- CVE-2013-2419
- CVE-2014-6585
- CVE-2014-6591
-- Marc Deslauriers <email address hidden> Mon, 09 Mar 2015 13:43:14 -0400
|
Source diff to previous version |
1429043 |
libicu48 4.8.1.1-3ubuntu0.3 causes libreoffice 3 calc \ |
CVE-2013-1569 |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 |
CVE-2013-2383 |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 |
CVE-2013-2384 |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 |
CVE-2013-2419 |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 |
CVE-2014-6585 |
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors reelat |
CVE-2014-6591 |
Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality v |
|
icu (4.8.1.1-3ubuntu0.4) precise-security; urgency=medium
* SECURITY REGRESSION: libreoffice calc crash (LP: #1429043)
- back out layoutengine-security.patch and CVE-2014-65xx.patch patches
pending investigation.
-- Marc Deslauriers <email address hidden> Fri, 06 Mar 2015 11:36:47 -0500
|
1429043 |
libicu48 4.8.1.1-3ubuntu0.3 causes libreoffice 3 calc \ |
|
About
-
Send Feedback to @ubuntu_updates