[Buildroot] [PATCH] icu: add upstream security fix for utf-8 handling
Peter Korsgaard
peter at korsgaard.com
Fri Apr 28 12:32:43 UTC 2017
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> Fixes:
> CVE-2017-7867 - International Components for Unicode (ICU) for C/C++ before
> 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow
> related to the utf8TextAccess function in common/utext.cpp and the
> utext_setNativeIndex* function.
> CVE-2017-7868 - International Components for Unicode (ICU) for C/C++ before
> 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow
> related to the utf8TextAccess function in common/utext.cpp and the
> utext_moveIndex32* function.
> Upstream: http://bugs.icu-project.org/trac/changeset/39671
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed to 2017.02.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list