UbuntuUpdates.org

Package "icu-doc"

Name: icu-doc

Description:

API documentation for ICU classes and functions

Latest version: 4.8.1.1-3ubuntu0.10
Release: precise (12.04)
Level: updates
Repository: main
Head package: icu
Homepage: http://www.icu-project.org

Links


Download "icu-doc"


Other versions of "icu-doc" in Precise

Repository Area Version
base main 4.8.1.1-3
security main 4.8.1.1-3ubuntu0.10
PPA: LibreOffice 4.8.1.1-13+nmu1ubuntu1~precise1

Changelog

Version: 4.8.1.1-3ubuntu0.10 2021-05-03 15:06:25 UTC

  icu (4.8.1.1-3ubuntu0.10) precise-security; urgency=medium

  * SECURITY UPDATE: Integer Overflow
    - debian/patches/CVE-2020-10531.patch: adds a int32_t overflow
      check when calculate a newLen in doReplace function in
      source/common/unistr.cpp.
    - CVE-2020-10531

 -- <email address hidden> (Leonidas S. Barbosa) Mon, 16 Mar 2020 14:05:37 -0300

Source diff to previous version
CVE-2020-10531 An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer ove

Version: 4.8.1.1-3ubuntu0.7 2017-03-13 18:06:55 UTC

  icu (4.8.1.1-3ubuntu0.7) precise-security; urgency=medium

  * SECURITY UPDATE: Multiple security issues. Synchronize security fixes
    with Debian's 4.8.1.1-12+deb7u6 release. Thanks to Roberto C. Sanchez
    for the work this update is based on.
    - debian/patches/CVE-2014-9911.patch
    - debian/patches/CVE-2015-4844.patch
    - debian/patches/CVE-2016-0494.patch
    - debian/patches/CVE-2016-6293.patch
    - debian/patches/CVE-2016-7415.patch
    - CVE-2014-9911
    - CVE-2015-4844
    - CVE-2016-0494
    - CVE-2016-6293
    - CVE-2016-7415

 -- Marc Deslauriers <email address hidden> Fri, 10 Mar 2017 11:43:22 -0500

Source diff to previous version
CVE-2014-9911 Stack-based buffer overflow in the ures_getByKeyWithFallback function in common/uresbund.cpp in International Components for Unicode (ICU) before 54.
CVE-2015-4844 Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...
CVE-2016-0494 Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows rem
CVE-2016-6293 The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that
CVE-2016-7415 Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remot

Version: 4.8.1.1-3ubuntu0.6 2015-09-16 19:06:42 UTC

  icu (4.8.1.1-3ubuntu0.6) precise-security; urgency=medium

  * SECURITY UPDATE: information disclosure via overflows
    - debian/patches/CVE-2015-2632.patch: properly calculate index in
      source/layout/Features.cpp, check for overflows in
      source/layout/LETableReference.h.
    - CVE-2015-2632
  * SECURITY UPDATE: denial of service and possible code execution via
    overflows
    - debian/patches/CVE-2015-4760.patch: check bounds in
      source/layout/ContextualGlyphInsertionProc2.cpp,
      source/layout/ContextualGlyphSubstProc.cpp,
      source/layout/ContextualGlyphSubstProc2.cpp,
      source/layout/IndicRearrangementProcessor.cpp,
      source/layout/IndicRearrangementProcessor2.cpp,
      use unsigned flags in source/layout/LigatureSubstProc.cpp,
      source/layout/StateTables.h, properly handle errors in
      source/layout/StateTableProcessor.cpp,
      source/layout/StateTableProcessor2.cpp.
    - CVE-2015-4760

 -- Marc Deslauriers Fri, 11 Sep 2015 09:29:59 -0400

Source diff to previous version
CVE-2015-2632 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
CVE-2015-4760 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via u

Version: 4.8.1.1-3ubuntu0.5 2015-03-10 21:06:24 UTC

  icu (4.8.1.1-3ubuntu0.5) precise-security; urgency=medium

  * SECURITY UPDATE: multiple issues via font file parsing (LP: #1429043)
    - debian/patches/layoutengine-security.patch: updated to fix ABI break
      and re-enabled.
    - debian/patches/CVE-2014-65xx.patch: re-enabled.
    - CVE-2013-1569
    - CVE-2013-2383
    - CVE-2013-2384
    - CVE-2013-2419
    - CVE-2014-6585
    - CVE-2014-6591
 -- Marc Deslauriers <email address hidden> Mon, 09 Mar 2015 13:43:14 -0400

Source diff to previous version
1429043 libicu48 4.8.1.1-3ubuntu0.3 causes libreoffice 3 calc \
CVE-2013-1569 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0
CVE-2013-2383 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0
CVE-2013-2384 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0
CVE-2013-2419 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0
CVE-2014-6585 Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors reelat
CVE-2014-6591 Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality v

Version: 4.8.1.1-3ubuntu0.4 2015-03-06 21:06:24 UTC

  icu (4.8.1.1-3ubuntu0.4) precise-security; urgency=medium

  * SECURITY REGRESSION: libreoffice calc crash (LP: #1429043)
    - back out layoutengine-security.patch and CVE-2014-65xx.patch patches
      pending investigation.
 -- Marc Deslauriers <email address hidden> Fri, 06 Mar 2015 11:36:47 -0500

1429043 libicu48 4.8.1.1-3ubuntu0.3 causes libreoffice 3 calc \



About   -   Send Feedback to @ubuntu_updates