Summary: | <dev-libs/icu-63.1-r1: Integer Overflow | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Michael Boyle <boylemic> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | Flags: | stable-bot:
sanity-check+
|
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | B3 [noglsa cve] | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=673446 | ||
Whiteboard: | |||
Package list: |
dev-libs/icu-63.1-r1 alpha amd64 arm arm64 ia64 ppc ppc64 x86 hppa s390 sparc
dev-libs/icu-layoutex-63.1 alpha amd64 ia64 ppc ppc64 x86 hppa sparc
|
Runtime testing required: | --- |
Bug Depends on: | 651698, 668280, 668282, 674372 | ||
Bug Blocks: | 673446 |
Description
Michael Boyle
2018-11-06 03:39:56 UTC
*** Bug 668284 has been marked as a duplicate of this bug. *** The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=864e6a833c7eca237bdd792a831948c2b5b8d6c6 commit 864e6a833c7eca237bdd792a831948c2b5b8d6c6 Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2018-11-09 02:10:01 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2018-11-09 02:10:01 +0000 dev-libs/icu: Fix CVE-2018-18928 Bug: https://bugs.gentoo.org/670456 Package-Manager: Portage-2.3.51, Repoman-2.3.12 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org> dev-libs/icu/files/icu-63.1-CVE-2018-18928.patch | 62 +++++++++ dev-libs/icu/icu-63.1-r1.ebuild | 161 +++++++++++++++++++++++ 2 files changed, 223 insertions(+) Contrary to $summary, icu-63.1 had to be patched for the fix. Arches, please stabilise. amd64 + x86, please stabilise together with LO in bug 673446. hppa stable sparc stable ia64 stable alpha stable ppc/ppc64 stable amd64 stable arm64 stable x86 stable s390 stable arm stable The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1da80dd7db754e635f505984fd291b996dd3a416 commit 1da80dd7db754e635f505984fd291b996dd3a416 Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2019-02-01 20:13:59 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2019-02-01 20:14:20 +0000 dev-libs/icu: Cleanup vulnerable 60.2 Bug: https://bugs.gentoo.org/670456 Package-Manager: Portage-2.3.59, Repoman-2.3.12 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org> dev-libs/icu/Manifest | 1 - dev-libs/icu/icu-60.2.ebuild | 163 ------------------------------------------- 2 files changed, 164 deletions(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=99bf853e60a2ae531eadd00a80a6fdef845c3f33 commit 99bf853e60a2ae531eadd00a80a6fdef845c3f33 Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2019-06-27 09:14:35 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2019-06-27 10:47:27 +0000 dev-libs/icu: Drop 58.2-r1, security cleanup Bug: https://bugs.gentoo.org/670456 Package-Manager: Portage-2.3.67, Repoman-2.3.16 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org> dev-libs/icu/Manifest | 1 - dev-libs/icu/files/icu-58.1-iterator.patch | 127 ----------------- dev-libs/icu/files/icu-58.2-CVE-2017-7867.patch | 155 --------------------- dev-libs/icu/files/icu-58.2-darwin.patch | 55 -------- dev-libs/icu/files/icu-58.2-glibc226.patch | 16 --- dev-libs/icu/icu-58.2-r1.ebuild | 172 ------------------------ 6 files changed, 526 deletions(-) office are done here, anyway. |