Change log for icu package in Ubuntu
76 → 150 of 161 results | First • Previous • Next • Last |
Superseded in xenial-release |
Obsolete in wily-release |
Deleted in wily-proposed (Reason: moved to release) |
icu (55.1-4ubuntu1) wily; urgency=medium * SECURITY UPDATE: denial of service via mishandling of converter names with initial x- substrings - debian/patches/CVE-2015-1270.patch: fix patch so it actually applies. - CVE-2015-1270 * SECURITY UPDATE: information disclosure via overflows - debian/patches/CVE-2015-2632.patch: properly calculate index in source/layout/Features.cpp, check for overflows in source/layout/LETableReference.h. - CVE-2015-2632 -- Marc Deslauriers <email address hidden> Fri, 11 Sep 2015 08:24:31 -0400
Available diffs
icu (55.1-4) unstable; urgency=low [ Helmut Grohne <email address hidden> ] * Support parallel building (closes: #794617). * Support cross compilation (closes: #784668). -- Laszlo Boszormenyi (GCS) <email address hidden> Sat, 08 Aug 2015 10:39:07 +0000
Available diffs
- diff from 52.1-10 to 55.1-4 (5.0 MiB)
- diff from 55.1-3.1 to 55.1-4 (1.0 KiB)
icu (55.1-3.1) unstable; urgency=medium * Non-maintainer upload. * Fix build on hurd-i386 (Samuel Thibault). Closes: #794404. -- Matthias Klose <email address hidden> Mon, 03 Aug 2015 12:21:04 +0200
Available diffs
- diff from 55.1-3 to 55.1-3.1 (993 bytes)
icu (55.1-3) unstable; urgency=high * Fix CVE-2015-1270 . * Add fixes for CVE-2014-6585.patch and CVE-2015-4760.patch . * Upload to unstable for GCC 5 transition (closes: #791072). -- Laszlo Boszormenyi (GCS) <email address hidden> Sun, 02 Aug 2015 14:13:05 +0200
Available diffs
icu (52.1-10) unstable; urgency=high * Fix security bugs: - CVE-2015-4760 , missing boundary checks in layout engine, - CVE-2014-6585 , finish null pointer checks. -- Laszlo Boszormenyi (GCS) <email address hidden> Fri, 17 Jul 2015 18:46:28 +0000
Available diffs
- diff from 52.1-9 to 52.1-10 (3.0 KiB)
Superseded in wily-proposed |
icu (55.1-1build1) wily; urgency=medium * Build using GCC 5.
Available diffs
- diff from 52.1-10 (in Debian) to 55.1-1build1 (5.0 MiB)
- diff from 52.1-9ubuntu1 to 55.1-1build1 (5.0 MiB)
icu (52.1-9) unstable; urgency=high * Fix security bugs (closes: #784773): - CVE-2014-8146 , a heap overflow, - CVE-2014-8147 , an integer overflow. -- Laszlo Boszormenyi (GCS) <email address hidden> Fri, 08 May 2015 20:35:32 +0000
Available diffs
icu (52.1-8ubuntu1) wily; urgency=medium * SECURITY UPDATE: heap overflow via incorrect isolateCount - debian/patches/CVE-2015-8146.patch: check for valid isolateCount in source/common/ubidi.c. - CVE-2015-8146 * SECURITY UPDATE: integer overflow via incorrect state size - debian/patches/CVE-2015-8147.patch: change state to int32_t in source/common/ubidiimp.h. - CVE-2015-8147 -- Marc Deslauriers <email address hidden> Fri, 08 May 2015 08:23:49 -0400
Available diffs
icu (52.1-8ubuntu0.1) vivid-security; urgency=medium * SECURITY UPDATE: heap overflow via incorrect isolateCount - debian/patches/CVE-2015-8146.patch: check for valid isolateCount in source/common/ubidi.c. - CVE-2015-8146 * SECURITY UPDATE: integer overflow via incorrect state size - debian/patches/CVE-2015-8147.patch: change state to int32_t in source/common/ubidiimp.h. - CVE-2015-8147 -- Marc Deslauriers <email address hidden> Fri, 08 May 2015 08:29:07 -0400
Available diffs
icu (52.1-3ubuntu0.3) trusty-security; urgency=medium * SECURITY UPDATE: heap overflow via incorrect isolateCount - debian/patches/CVE-2015-8146.patch: check for valid isolateCount in source/common/ubidi.c. - CVE-2015-8146 * SECURITY UPDATE: integer overflow via incorrect state size - debian/patches/CVE-2015-8147.patch: change state to int32_t in source/common/ubidiimp.h. - CVE-2015-8147 -- Marc Deslauriers <email address hidden> Fri, 08 May 2015 08:49:45 -0400
Available diffs
icu (52.1-6ubuntu0.3) utopic-security; urgency=medium * SECURITY UPDATE: heap overflow via incorrect isolateCount - debian/patches/CVE-2015-8146.patch: check for valid isolateCount in source/common/ubidi.c. - CVE-2015-8146 * SECURITY UPDATE: integer overflow via incorrect state size - debian/patches/CVE-2015-8147.patch: change state to int32_t in source/common/ubidiimp.h. - CVE-2015-8147 -- Marc Deslauriers <email address hidden> Fri, 08 May 2015 08:49:12 -0400
Available diffs
Superseded in wily-release |
Obsolete in vivid-release |
Deleted in vivid-proposed (Reason: moved to release) |
icu (52.1-8) unstable; urgency=high * New maintainer (closes: #777694). * Update Standars-Version to 3.9.6 . [ Michael Gilbert <email address hidden> ] * Apply a more complete fix for CVE-2014-7940 (closes: #780503). - Thanks to Marc Deslauriers. -- Laszlo Boszormenyi (GCS) <email address hidden> Tue, 17 Mar 2015 11:14:15 +0000
Available diffs
- diff from 52.1-7.1 to 52.1-8 (1.4 KiB)
icu (4.8.1.1-3ubuntu0.5) precise-security; urgency=medium * SECURITY UPDATE: multiple issues via font file parsing (LP: #1429043) - debian/patches/layoutengine-security.patch: updated to fix ABI break and re-enabled. - debian/patches/CVE-2014-65xx.patch: re-enabled. - CVE-2013-1569 - CVE-2013-2383 - CVE-2013-2384 - CVE-2013-2419 - CVE-2014-6585 - CVE-2014-6591 -- Marc Deslauriers <email address hidden> Mon, 09 Mar 2015 13:43:14 -0400
Available diffs
icu (4.8.1.1-3ubuntu0.4) precise-security; urgency=medium * SECURITY REGRESSION: libreoffice calc crash (LP: #1429043) - back out layoutengine-security.patch and CVE-2014-65xx.patch patches pending investigation. -- Marc Deslauriers <email address hidden> Fri, 06 Mar 2015 11:36:47 -0500
Available diffs
icu (52.1-3ubuntu0.2) trusty-security; urgency=medium * SECURITY UPDATE: information disclosure via incorrect font file parsing - debian/patches/CVE-2014-65xx.patch: add checks to source/layout/ContextualSubstSubtables.cpp, source/layout/CursiveAttachmentSubtables.cpp, source/layout/Features.cpp, source/layout/LETableReference.h, source/layout/LigatureSubstSubtables.cpp, source/layout/MultipleSubstSubtables.cpp. - CVE-2014-6585 - CVE-2014-6591 * SECURITY UPDATE: denial of service or possible code execution in regular expressions - debian/patches/CVE-2014-7923.patch: add limits to source/i18n/regexcmp.cpp, add test to source/test/testdata/regextst.txt. - CVE-2014-7923 * SECURITY UPDATE: denial of service or possible code execution in regular expressions - debian/patches/CVE-2014-7926.patch: fix incorrect optimization in source/i18n/regexcmp.cpp, fix comment in source/i18n/regexcmp.h, add test to source/test/testdata/regextst.txt. - CVE-2014-7926 * SECURITY UPDATE: denial of service or possible code execution via uninitialized memory in the collator implementation - debian/patches/CVE-2014-7940.patch: properly handle memory in source/i18n/ucol.cpp. - CVE-2014-7940 * SECURITY UPDATE: denial of service via incorrect pattern size limits - debian/patches/CVE-2014-9654.patch: check limits in source/common/unicode/utypes.h, source/common/utypes.c, source/i18n/regexcmp.cpp, source/i18n/regexcmp.h, source/i18n/regeximp.h, added test to source/test/intltest/regextst.cpp, source/test/intltest/regextst.h. - CVE-2014-9654 * debian/patches/two-digit-year-test.patch: fix FTBFS caused by known test suite failure. -- Marc Deslauriers <email address hidden> Wed, 04 Mar 2015 11:30:28 -0500
Available diffs
icu (52.1-6ubuntu0.2) utopic-security; urgency=medium * SECURITY UPDATE: information disclosure via incorrect font file parsing - debian/patches/CVE-2014-65xx.patch: add checks to source/layout/ContextualSubstSubtables.cpp, source/layout/CursiveAttachmentSubtables.cpp, source/layout/Features.cpp, source/layout/LETableReference.h, source/layout/LigatureSubstSubtables.cpp, source/layout/MultipleSubstSubtables.cpp. - CVE-2014-6585 - CVE-2014-6591 * SECURITY UPDATE: denial of service or possible code execution in regular expressions - debian/patches/CVE-2014-7923.patch: add limits to source/i18n/regexcmp.cpp, add test to source/test/testdata/regextst.txt. - CVE-2014-7923 * SECURITY UPDATE: denial of service or possible code execution in regular expressions - debian/patches/CVE-2014-7926.patch: fix incorrect optimization in source/i18n/regexcmp.cpp, fix comment in source/i18n/regexcmp.h, add test to source/test/testdata/regextst.txt. - CVE-2014-7926 * SECURITY UPDATE: denial of service or possible code execution via uninitialized memory in the collator implementation - debian/patches/CVE-2014-7940.patch: properly handle memory in source/i18n/ucol.cpp. - CVE-2014-7940 * SECURITY UPDATE: denial of service via incorrect pattern size limits - debian/patches/CVE-2014-9654.patch: check limits in source/common/unicode/utypes.h, source/common/utypes.c, source/i18n/regexcmp.cpp, source/i18n/regexcmp.h, source/i18n/regeximp.h, added test to source/test/intltest/regextst.cpp, source/test/intltest/regextst.h. - CVE-2014-9654 -- Marc Deslauriers <email address hidden> Wed, 04 Mar 2015 11:33:14 -0500
Available diffs
icu (4.8.1.1-3ubuntu0.3) precise-security; urgency=medium * SECURITY UPDATE: multiple issues via incorrect font file parsing - debian/patches/layoutengine-security.patch: backport a whole new layout engine to source/layout/*, as provided by upstream. - CVE-2013-1569 - CVE-2013-2383 - CVE-2013-2384 - CVE-2013-2419 * SECURITY UPDATE: information disclosure via incorrect font file parsing - debian/patches/CVE-2014-65xx.patch: add checks to source/layout/ContextualSubstSubtables.cpp, source/layout/CursiveAttachmentSubtables.cpp, source/layout/Features.cpp, source/layout/LETableReference.h, source/layout/LigatureSubstSubtables.cpp, source/layout/MultipleSubstSubtables.cpp. - CVE-2014-6585 - CVE-2014-6591 * SECURITY UPDATE: denial of service or possible code execution in regular expressions - debian/patches/CVE-2014-7923.patch: add limits to source/i18n/regexcmp.cpp, add test to source/test/testdata/regextst.txt. - CVE-2014-7923 * SECURITY UPDATE: denial of service or possible code execution in regular expressions - debian/patches/CVE-2014-7926.patch: fix incorrect optimization in source/i18n/regexcmp.cpp, fix comment in source/i18n/regexcmp.h, add test to source/test/testdata/regextst.txt. - CVE-2014-7926 * SECURITY UPDATE: denial of service or possible code execution via uninitialized memory in the collator implementation - debian/patches/CVE-2014-7940.patch: properly handle memory in source/i18n/ucol.cpp. - CVE-2014-7940 * SECURITY UPDATE: denial of service via incorrect pattern size limits - debian/patches/CVE-2014-9654.patch: fix case insensitive matches and check limits in source/common/unicode/utypes.h, source/common/utypes.c, source/i18n/regexcmp.cpp, source/i18n/regexcmp.h, source/i18n/regeximp.h, source/i18n/i18n.vcxproj.filters, source/i18n/unicode/regex.h, source/i18n/regeximp.cpp, source/i18n/rematch.cpp, source/i18n/i18n.vcxproj, source/i18n/Makefile.in, added tests to source/test/intltest/regextst.cpp, source/test/intltest/regextst.h, source/test/testdata/regextst.txt. - CVE-2014-9654 * debian/rules: added cdbs autotools rule and adjust DEB_SRCDIR so test suite gets run during build. * debian/patches/two-digit-year-test.patch: fix test suite failure. -- Marc Deslauriers <email address hidden> Wed, 04 Mar 2015 11:14:58 -0500
Available diffs
icu (52.1-7.1) unstable; urgency=high * Non-maintainer upload by the Security Team. * Unfixed issue from the previous upload (closes: #776264) - CVE-2014-6585: out-of-bounds read. * Issues fixed in chromium 40.0.2214.91 (closes: #776265, #776719). - CVE-2014-7923: memory corruption in regular expression comparison. - CVE-2014-7926: memory corruption in regular expression comparison. - CVE-2014-7940: uninitialized memory in i18n/icol.cpp. - CVE-2014-9654: more regular expression handling issues. -- Michael Gilbert <email address hidden> Sun, 15 Feb 2015 22:19:14 +0000
Available diffs
- diff from 52.1-7 to 52.1-7.1 (8.1 KiB)
icu (52.1-7) unstable; urgency=high * Patch to CVE-2014-6591, CVE-2014-6585 a font parsing bug. (Closes: #775884) -- Jay Berkenbilt <email address hidden> Wed, 21 Jan 2015 21:33:19 -0500
Available diffs
- diff from 52.1-6 to 52.1-7 (1.3 KiB)
Superseded in vivid-release |
Obsolete in utopic-release |
Deleted in utopic-proposed (Reason: moved to release) |
icu (52.1-6) unstable; urgency=medium * Ensure that only flags intended to be set by users make it into icu-config. Previously hardening flags were sneaking in there. (Closes: #759792) -- Jay Berkenbilt <email address hidden> Mon, 29 Sep 2014 09:59:09 -0400
Available diffs
- diff from 52.1-5 to 52.1-6 (1.4 KiB)
icu (52.1-5) unstable; urgency=medium * Switch hardening back to dpkg-buildflags. It wasn't previously working but now is, probably because of other bugfixes that have happened in the mean time. -- Jay Berkenbilt <email address hidden> Sat, 26 Jul 2014 12:54:32 -0400
Available diffs
- diff from 52.1-4 to 52.1-5 (828 bytes)
icu (52.1-4) unstable; urgency=medium * Fix test case that fails with gcc 4.9. Fix is from upstream. (Closes: #746860) -- Jay Berkenbilt <email address hidden> Sat, 21 Jun 2014 16:52:47 -0400
Available diffs
- diff from 52.1-3 to 52.1-4 (932 bytes)
Superseded in utopic-release |
Published in trusty-release |
Deleted in trusty-proposed (Reason: moved to release) |
icu (52.1-3) unstable; urgency=medium * Add package dependency information to assist with upgrades in Ubuntu. This eliminates the need for a delta on the Ubuntu version of the package. -- Jay Berkenbilt <email address hidden> Tue, 24 Dec 2013 11:45:03 -0500
Available diffs
Superseded in trusty-proposed |
icu (52.1-2ubuntu1) trusty; urgency=medium * Merge from Debian, remaining changes (LP: #1263706): - Add icu-tools to icu-devtools Breaks & Replaces, to allow smooth upgrades on ubuntu 13.10 -> 14.04. Drop after Trusty release.
Available diffs
icu (4.8.1.1-13+nmu1ubuntu1) trusty; urgency=low * Add icu-tools to icu-devtools Breaks & Replaces, to allow smooth upgrades on ubuntu. Needed until after Trusty release. -- Dmitrijs Ledkovs <email address hidden> Thu, 31 Oct 2013 15:14:22 +0000
Available diffs
icu (4.8.1.1-13+nmu1) unstable; urgency=high * Non-maintainer upload by the Security Team. * Fix cve-2013-2924: use-after-free issue in csrucode.cpp (closes: #726477). -- Michael Gilbert <email address hidden> Sun, 27 Oct 2013 03:49:58 +0000
Available diffs
Superseded in trusty-release |
Obsolete in saucy-release |
Deleted in saucy-proposed (Reason: moved to release) |
icu (4.8.1.1-12ubuntu2) saucy; urgency=low * SECURITY UPDATE: denial of service and possible code execution via use after free. - debian/patches/CVE-2013-2924.patch: check lengths in source/i18n/csrucode.cpp. - CVE-2013-2924 -- Marc Deslauriers <email address hidden> Thu, 10 Oct 2013 10:28:18 -0400
Available diffs
- diff from 4.8.1.1-12ubuntu1 to 4.8.1.1-12ubuntu2 (1019 bytes)
icu (4.8.1.1-3ubuntu0.1) precise-security; urgency=low * SECURITY UPDATE: denial of service and possible code execution via race condition. - debian/patches/CVE-2013-0900.patch: fix thread safety issue in source/common/locid.cpp, source/common/unicode/locid.h. - CVE-2013-0900 * SECURITY UPDATE: denial of service and possible code execution via use after free. - debian/patches/CVE-2013-2924.patch: check lengths in source/i18n/csrucode.cpp. - CVE-2013-2924 -- Marc Deslauriers <email address hidden> Thu, 10 Oct 2013 10:40:19 -0400
Available diffs
icu (4.8.1.1-12ubuntu0.1) raring-security; urgency=low * SECURITY UPDATE: denial of service and possible code execution via use after free. - debian/patches/CVE-2013-2924.patch: check lengths in source/i18n/csrucode.cpp. - CVE-2013-2924 -- Marc Deslauriers <email address hidden> Thu, 10 Oct 2013 10:31:53 -0400
Available diffs
icu (4.8.1.1-8ubuntu0.1) quantal-security; urgency=low * SECURITY UPDATE: denial of service and possible code execution via race condition. - debian/patches/CVE-2013-0900.patch: fix thread safety issue in source/common/locid.cpp, source/common/unicode/locid.h. - CVE-2013-0900 * SECURITY UPDATE: denial of service and possible code execution via use after free. - debian/patches/CVE-2013-2924.patch: check lengths in source/i18n/csrucode.cpp. - CVE-2013-2924 -- Marc Deslauriers <email address hidden> Thu, 10 Oct 2013 10:33:37 -0400
Available diffs
icu (4.8.1.1-12ubuntu1) saucy; urgency=low * Multi-arch libicu-dev. (Closes: #699763) -- Dmitrijs Ledkovs <email address hidden> Fri, 16 Aug 2013 18:14:41 +0100
Available diffs
Superseded in saucy-release |
Obsolete in raring-release |
Deleted in raring-proposed (Reason: moved to release) |
icu (4.8.1.1-12) unstable; urgency=high * Add patch to address CVE-2013-0900, a threading race condition. (Closes: #702346) -- Jay Berkenbilt <email address hidden> Thu, 21 Mar 2013 11:29:08 -0400
Available diffs
- diff from 4.8.1.1-11 to 4.8.1.1-12 (3.5 KiB)
icu (4.8.1.1-11) unstable; urgency=medium * Fix crash on rendering incremental Malayalam text input. Thanks Colin Watson. (Closes: #702982) -- Jay Berkenbilt <email address hidden> Sat, 16 Mar 2013 14:58:15 -0400
Available diffs
icu (4.8.1.1-10ubuntu1) raring; urgency=low * Fix crash on rendering incremental Malayalam text input (LP: #1130284). -- Colin Watson <email address hidden> Wed, 13 Mar 2013 16:13:05 +0000
Available diffs
icu (4.8.1.1-10) unstable; urgency=low * Include pkg-config files in dev package. Thanks Tommi Vainikainen. (Closes: #687339) -- Jay Berkenbilt <email address hidden> Sat, 17 Nov 2012 14:37:40 -0500
Available diffs
icu (4.8.1.1-9ubuntu1) raring; urgency=low * debian/libicu-dev.install: Install .pc files (LP: #1037588). -- Thomas Bechtold <email address hidden> Tue, 13 Nov 2012 12:16:57 +0100
Available diffs
icu (4.8.1.1-9) unstable; urgency=low * debian/rules: Use xz compression for binary packages. (Closes: #683901) -- Jay Berkenbilt <email address hidden> Sat, 11 Aug 2012 12:41:28 -0400
Available diffs
- diff from 4.8.1.1-8 to 4.8.1.1-9 (568 bytes)
icu (4.8.1.1-8) unstable; urgency=low * Switch hardening back to hardening-wrapper again since otherwise some things sneak into icu-config's output. -- Jay Berkenbilt <email address hidden> Tue, 05 Jun 2012 14:27:27 -0400
Available diffs
- diff from 4.8.1.1-7 to 4.8.1.1-8 (811 bytes)
icu (4.8.1.1-7) unstable; urgency=low * Switch hardening back to dpkg-buildoptions. * Fix doc install for newer doxygen. (Closes: #674382) -- Jay Berkenbilt <email address hidden> Thu, 24 May 2012 13:55:13 -0400
Available diffs
- diff from 4.8.1.1-6 to 4.8.1.1-7 (1.9 KiB)
icu (4.8.1.1-6) unstable; urgency=low * Remove 32-bit packages built on 64-bit architectures, and enable Multiarch. (Closes: #665416) -- Jay Berkenbilt <email address hidden> Sun, 22 Apr 2012 08:40:16 -0400
Available diffs
- diff from 4.8.1.1-5 to 4.8.1.1-6 (2.9 KiB)
icu (4.8.1.1-5) unstable; urgency=low * Enable security hardening flags. Thanks to Simon Ruderich for doing 100% of the work, sending a clean patch, and providing clear instructions on how to verify. (Closes: #663601) -- Jay Berkenbilt <email address hidden> Fri, 23 Mar 2012 22:45:55 -0400
Available diffs
- diff from 4.8.1.1-3 to 4.8.1.1-5 (2.5 KiB)
icu (4.2.1-3ubuntu0.10.10.1) maverick-security; urgency=low * SECURITY UPDATE: denial of service and possible code execution via out of bounds access - debian/patches/CVE-2011-4599.patch: add bounds checks in source/common/uloc.c. - CVE-2011-4599 -- Marc Deslauriers <email address hidden> Wed, 25 Jan 2012 15:11:21 -0500
Available diffs
icu (4.2.1-3ubuntu0.10.04.1) lucid-security; urgency=low * SECURITY UPDATE: denial of service and possible code execution via out of bounds access - debian/patches/CVE-2011-4599.patch: add bounds checks in source/common/uloc.c. - CVE-2011-4599 -- Marc Deslauriers <email address hidden> Wed, 25 Jan 2012 15:13:36 -0500
Available diffs
icu (4.4.2-2ubuntu0.11.04.1) natty-security; urgency=low * SECURITY UPDATE: denial of service and possible code execution via out of bounds access - debian/patches/CVE-2011-4599.patch: add bounds checks in source/common/uloc.c. - CVE-2011-4599 -- Marc Deslauriers <email address hidden> Wed, 25 Jan 2012 14:39:39 -0500
Available diffs
icu (4.4.2-2ubuntu0.11.10.1) oneiric-security; urgency=low * SECURITY UPDATE: denial of service and possible code execution via out of bounds access - debian/patches/CVE-2011-4599.patch: add bounds checks in source/common/uloc.c. - CVE-2011-4599 -- Marc Deslauriers <email address hidden> Wed, 25 Jan 2012 14:21:17 -0500
Available diffs
icu (4.8.1.1-3) unstable; urgency=high * Add patch to address CVE-2011-4599, a potential buffer overflow. (Closes: #654883) -- Jay Berkenbilt <email address hidden> Sat, 21 Jan 2012 19:44:44 -0500
Available diffs
- diff from 4.8.1.1-2 (in Ubuntu) to 4.8.1.1-3 (827 bytes)
icu (4.8.1.1-2) unstable; urgency=low * debian/patches/icudata-stdlibs.patch: Link stdlibs to libicudata so we get reasonably sane ELF headers on armhf. Thanks Adam Conrad <email address hidden>. (Closes: #653457) -- Adam Conrad <adconrad@0c3.net> Wed, 04 Jan 2012 17:26:13 +0000
Available diffs
- diff from 4.8.1.1-1ubuntu1 to 4.8.1.1-2 (1.2 KiB)
Superseded in precise-release |
icu (4.8.1.1-1ubuntu1) precise; urgency=low * debian/patches/link-stdlibs.patch: Link stdlibs to libicudata so we get reasonably sane ELF headers on armhf. -- Adam Conrad <email address hidden> Sun, 04 Dec 2011 02:53:18 -0700
Available diffs
- diff from 4.8.1.1-1 to 4.8.1.1-1ubuntu1 (719 bytes)
icu (4.8.1.1-1) unstable; urgency=low * New upstream release * Add simple patch to define PATH_MAX when not defined. Not an ideal solution, but it will do for now. (Closes: #643661)
Available diffs
- diff from 4.4.2-2 to 4.8.1.1-1 (4.8 MiB)
icu (4.4.2-2) unstable; urgency=low * Apply patch to fix Malayam rendering. (Closes: #591615) -- Ubuntu Archive Auto-Sync <email address hidden> Fri, 26 Nov 2010 09:05:59 +0000
Available diffs
- diff from 4.4.2-1 to 4.4.2-2 (2.4 KiB)
icu (4.4.2-1) unstable; urgency=low * New upstream release * Updated standards version to 3.9.1; no changes required -- Ubuntu Archive Auto-Sync <email address hidden> Mon, 18 Oct 2010 08:38:24 +0000
Available diffs
- diff from 4.4.1-6 to 4.4.2-1 (4.3 MiB)
icu (4.4.1-6) unstable; urgency=low * Include patch from Alexander Kurtz to solve failure to build from source resulting from doxygen generating different files. (Closes: #590393)
Available diffs
- diff from 4.2.1-3 to 4.4.1-6 (6.1 MiB)
icu (4.2.1-3) unstable; urgency=low * Change install-doc target to not fail if there are subdirectories of doc/html. This is necessary to handle the doc/html/search directory created by doxygen 3.6.1. (Closes: #544799)
Available diffs
- diff from 4.0.1-2ubuntu2 to 4.2.1-3 (12.3 MiB)
icu (4.0.1-2ubuntu2) karmic; urgency=low * No change rebuild to fix misbuilt binaries on armel. -- Loic Minier <email address hidden> Wed, 21 Oct 2009 14:45:37 +0200
Available diffs
- diff from 4.0.1-2ubuntu1 to 4.0.1-2ubuntu2 (309 bytes)
icu (3.8-6ubuntu0.2) hardy-security; urgency=low * SECURITY UPDATE: fix improper handling of invalid byte sequences during Unicode conversion - debian/07-CVE-2009-0153.patch: backported patch thanks to RedHat via Debian - 03-redhat.icu5797.patch, 04-redhat.icu6001.patch, and 05-redhat.icu6002.patch required for applying 07-CVE-2009-0153.patch with 06-CVE-2008-1036.patch needing adjustments. Patch from Debian. - CVE-2009-0153 -- Jamie Strandboge <email address hidden> Wed, 07 Oct 2009 11:33:48 -0500
Available diffs
- diff from 3.8-6ubuntu0.1 to 3.8-6ubuntu0.2 (32.2 KiB)
icu (3.8.1-2ubuntu0.2) intrepid-security; urgency=low * SECURITY UPDATE: fix improper handling of invalid byte sequences during Unicode conversion - debian/07-CVE-2009-0153.patch: backported patch thanks to RedHat via Debian - 03-redhat.icu5797.patch, 04-redhat.icu6001.patch, and 05-redhat.icu6002.patch required for applying 07-CVE-2009-0153.patch with 06-CVE-2008-1036.patch needing adjustments. Patch from Debian. - CVE-2009-0153 -- Jamie Strandboge <email address hidden> Wed, 07 Oct 2009 10:52:20 -0500
Available diffs
icu (3.8.1-3ubuntu1.1) jaunty-security; urgency=low * SECURITY UPDATE: fix improper handling of invalid byte sequences during Unicode conversion - debian/07-CVE-2009-0153.patch: backported patch thanks to RedHat via Debian - 03-redhat.icu5797.patch, 04-redhat.icu6001.patch, and 05-redhat.icu6002.patch required for applying 07-CVE-2009-0153.patch with 06-CVE-2008-1036.patch needing adjustments. Patch from Debian. - CVE-2009-0153 -- Jamie Strandboge <email address hidden> Wed, 07 Oct 2009 10:29:13 -0500
Available diffs
Superseded in karmic-release |
icu (4.0.1-2ubuntu1) karmic; urgency=low * Backport from unstable (Jay Berkenbilt): - Change install-doc target to not fail if there are subdirectories of doc/html. This is necessary to handle the doc/html/search directory created by doxygen 3.6.1. -- Colin Watson <email address hidden> Wed, 07 Oct 2009 10:43:39 +0100
Available diffs
- diff from 4.0.1-2 to 4.0.1-2ubuntu1 (960 bytes)
icu (4.0.1-2) unstable; urgency=low * Include work-around from 3.8.1-3, inadvertently omitted from 4.0.1-1.
Available diffs
- diff from 3.8.1-3ubuntu1 to 4.0.1-2 (18.3 KiB)
icu (3.8.1-3ubuntu1) jaunty; urgency=low * SECURITY UPDATE: Cross-site scripting attack via invalid character sequences (LP: #341834) - debian/patches/03-cve-2008-1036.patch: Improve parsing logic in source/common/{ucnv2022.c,ucnv_bld.*,ucnv.c,ucnvhz.c} to replace invalid character sequences. Also, add test case to source/test/{cintltst/nucnvtst.c,testdata/conversion.txt}. - CVE-2008-1036 -- Marc Deslauriers <email address hidden> Wed, 25 Mar 2009 08:37:53 -0400
Available diffs
- diff from 3.8.1-3 to 3.8.1-3ubuntu1 (6.0 KiB)
icu (3.8.1-2ubuntu0.1) intrepid-security; urgency=low * SECURITY UPDATE: Cross-site scripting attack via invalid character sequences (LP: #341834) - debian/patches/03-cve-2008-1036.patch: Improve parsing logic in source/common/{ucnv2022.c,ucnv_bld.*,ucnv.c,ucnvhz.c} to replace invalid character sequences. Also, add test case to source/test/{cintltst/nucnvtst.c,testdata/conversion.txt}. - CVE-2008-1036 -- Marc Deslauriers <email address hidden> Wed, 25 Mar 2009 09:09:07 -0400
Available diffs
icu (3.8-6ubuntu0.1) hardy-security; urgency=low * SECURITY UPDATE: Cross-site scripting attack via invalid character sequences (LP: #341834) - debian/patches/03-cve-2008-1036.patch: Improve parsing logic in source/common/{ucnv2022.c,ucnv_bld.*,ucnv.c,ucnvhz.c} to replace invalid character sequences. Also, add test case to source/test/{cintltst/nucnvtst.c,testdata/conversion.txt}. - CVE-2008-1036 -- Marc Deslauriers <email address hidden> Wed, 25 Mar 2009 09:55:21 -0400
Available diffs
icu (3.6-3ubuntu0.2) gutsy-security; urgency=low * SECURITY UPDATE: Cross-site scripting attack via invalid character sequences (LP: #341834) - debian/patches/03-cve-2008-1036.patch: Improve parsing logic in source/common/{ucnv2022.c,ucnv_bld.*,ucnv.c,ucnvhz.c} to replace invalid character sequences. Also, add test case to source/test/{cintltst/nucnvtst.c,testdata/conversion.txt}. - CVE-2008-1036 -- Marc Deslauriers <email address hidden> Wed, 25 Mar 2009 10:54:08 -0400
Available diffs
icu (3.4.1a-1ubuntu1.6.06.2) dapper-security; urgency=low * SECURITY UPDATE: Cross-site scripting attack via invalid character sequences (LP: #341834) - debian/patches/03-cve-2008-1036.patch: Improve parsing logic in source/common/{ucnv2022.c,ucnv_bld.*,ucnv.c,ucnvhz.c} to replace invalid character sequences. Also, add test case to source/test/{cintltst/nucnvtst.c,testdata/conversion.txt}. - CVE-2008-1036 -- Marc Deslauriers <email address hidden> Wed, 25 Mar 2009 11:29:29 -0400
Available diffs
icu (3.8.1-3) unstable; urgency=medium * Work around gcc internal error on armel. Temporary until bug 484053 is resolved. -- Ubuntu Archive Auto-Sync <email address hidden> Tue, 04 Nov 2008 21:26:17 +0000
Available diffs
- diff from 3.8.1-2 to 3.8.1-3 (558 bytes)
icu (3.8.1-2) unstable; urgency=low * Patch from Harshula to fix split conjuncts problem in Sinhala. (Closes: #483563) * Force structures to be padded at byte boundaries (rather than 32-bit boundaries) on arm. (Closes: #484138) * Update doc-base section. -- Ubuntu Archive Auto-Sync <email address hidden> Sun, 08 Jun 2008 21:02:13 +0100
Available diffs
- diff from 3.8.1-1 to 3.8.1-2 (3.3 KiB)
icu (3.8.1-1) unstable; urgency=low * New upstream release * Patch to support GNU/kFreeBSD. Thanks Aurelien Jarno. (Closes: # 461782) -- Ubuntu Archive Auto-Sync <email address hidden> Fri, 02 May 2008 02:09:10 +0100
icu (3.6-3ubuntu0.1) gutsy-security; urgency=low * SECURITY UPDATE: possible read from and write to out of bounds memory locations via back reference '\0' in regular expressions * SECURITY UPDATE: denial of service due to memory exhaustion via a crafted regular expression * debian/patches/SECURITY_CVE-2007-4770_4771.patch: fix regexcmp.cpp to return error on invalid back reference. fix rematch.cpp, uvectr32.h and uvectr32.cpp to return error when capacity is greater than maxCapacity * References CVE-2007-4770 CVE-2007-4771 * Modify Maintainer value to match the DebianMaintainerField specification. -- Jamie Strandboge <email address hidden> Thu, 20 Mar 2008 14:45:37 -0400
icu (3.6-2ubuntu0.1) feisty-security; urgency=low * SECURITY UPDATE: possible read from and write to out of bounds memory locations via back reference '\0' in regular expressions * SECURITY UPDATE: denial of service due to memory exhaustion via a crafted regular expression * debian/patches/SECURITY_CVE-2007-4770_4771.patch: fix regexcmp.cpp to return error on invalid back reference. fix rematch.cpp, uvectr32.h and uvectr32.cpp to return error when capacity is greater than maxCapacity * References CVE-2007-4770 CVE-2007-4771 * Modify Maintainer value to match the DebianMaintainerField specification. -- Jamie Strandboge <email address hidden> Thu, 20 Mar 2008 14:45:12 -0400
icu (3.4.1a-1ubuntu1.6.10.1) edgy-security; urgency=low * SECURITY UPDATE: possible read from and write to out of bounds memory locations via back reference '\0' in regular expressions * SECURITY UPDATE: denial of service due to memory exhaustion via a crafted regular expression * debian/patches/SECURITY_CVE-2007-4770_4771.patch: fix regexcmp.cpp to return error on invalid back reference. fix rematch.cpp, uvectr32.h and uvectr32.cpp to return error when capacity is greater than maxCapacity * References CVE-2007-4770 CVE-2007-4771 -- Jamie Strandboge <email address hidden> Thu, 20 Mar 2008 14:29:07 -0400
icu (3.4.1a-1ubuntu1.6.06.1) dapper-security; urgency=low * SECURITY UPDATE: possible read from and write to out of bounds memory locations via back reference '\0' in regular expressions * SECURITY UPDATE: denial of service due to memory exhaustion via a crafted regular expression * debian/patches/SECURITY_CVE-2007-4770_4771.patch: fix regexcmp.cpp to return error on invalid back reference. fix rematch.cpp, uvectr32.h and uvectr32.cpp to return error when capacity is greater than maxCapacity * References CVE-2007-4770 CVE-2007-4771 -- Jamie Strandboge <email address hidden> Thu, 20 Mar 2008 14:31:40 -0400
icu (3.8-6) unstable; urgency=high * Add debian/patches/00-cve-2007-4770-4771.patch created from with svn diff -c 23292 \ http://source.icu-project.org/repos/icu/icu/branches/maint/maint-3-8 to address the following security vulnerablilities: - CVE-2007-4770: reference to non-existent capture group may cause access to invalid memory - CVE-2007-4771: buffer overflow in regexcmp.cpp (Closes: #463688) * Updated standards version to 3.7.3: no changes required. -- Michael Bienia <email address hidden> Fri, 08 Feb 2008 13:24:37 +0000
icu (3.8-5) unstable; urgency=low * Filter out extraneous dependencies among different versions of the library packages. (Closes: #451767, 451978)
icu (3.6-10) unstable; urgency=low * It appears that amd64 requires 32-bit libraries to be in /emul/ia32-linux/usr/lib instead of /usr/lib32. Following zlib's example of moving them around for amd64 only. (Closes: #451495)
icu (3.6-8) unstable; urgency=low * Clean up 32-bit library patch to avoid excessive and unnecessary runs of configure. (Closes: #447771) * make setBreakType public in rbbi.h; needed by OpenOffice.org. This patch is included in OpenOffice.org's internal ICU. Including it here allows OpenOffice.org to continue to use this ICU package. Thanks Rene Engelhard. (Closes: #448745) * Rename debian/watch.not-yet to debian/no-watch so it won't get picked up even though it's not supposed to. ICU's ftp site uses a structure that isn't supported by uscan. (Closes: #449701) -- Ubuntu Archive Auto-Sync <email address hidden> Thu, 15 Nov 2007 10:46:40 +0000
76 → 150 of 161 results | First • Previous • Next • Last |