[Buildroot] [PATCH] icu: add upstream security fix for utf-8 handling

Peter Korsgaard peter at korsgaard.com
Fri Apr 28 12:32:43 UTC 2017


>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:

 > Fixes:
 > CVE-2017-7867 - International Components for Unicode (ICU) for C/C++ before
 > 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow
 > related to the utf8TextAccess function in common/utext.cpp and the
 > utext_setNativeIndex* function.

 > CVE-2017-7868 - International Components for Unicode (ICU) for C/C++ before
 > 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow
 > related to the utf8TextAccess function in common/utext.cpp and the
 > utext_moveIndex32* function.

 > Upstream: http://bugs.icu-project.org/trac/changeset/39671

 > Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

Committed to 2017.02.x, thanks.

-- 
Bye, Peter Korsgaard



More information about the buildroot mailing list