Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 710758 (CVE-2020-10531)

Summary: <dev-libs/icu-65.1-r1: integer overflow in UnicodeString::doAppend() (CVE-2020-10531)
Product: Gentoo Security Reporter: Stephan Hartmann (RETIRED) <sultan>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: office, sam
Priority: Normal Flags: stable-bot: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html
See Also: https://github.com/gentoo/gentoo/pull/14779
Whiteboard: A2 [glsa+ cve]
Package list:
=dev-libs/icu-65.1-r1
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 710760    

Description Stephan Hartmann (RETIRED) gentoo-dev 2020-02-25 07:36:49 UTC
This was reported in ${URL}. We unbundle ICU in chromium and therefore need to fix system ICU. Patch is here:

https://github.com/unicode-org/icu/commit/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca#diff-c1b3392a0eef1fc0e19c2b5b83cf0b1d

Reproducible: Always
Comment 1 Larry the Git Cow gentoo-dev 2020-02-26 11:49:25 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=156d2bd5e79f0d331afc1ff82b565350fe5ea93c

commit 156d2bd5e79f0d331afc1ff82b565350fe5ea93c
Author:     Stephan Hartmann <stha09@googlemail.com>
AuthorDate: 2020-02-26 11:15:01 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2020-02-26 11:49:08 +0000

    dev-libs/icu: add patch to fix integer overflow
    
    Bug: https://bugs.gentoo.org/710758
    Package-Manager: Portage-2.3.84, Repoman-2.3.20
    Signed-off-by: Stephan Hartmann <stha09@googlemail.com>
    Closes: https://github.com/gentoo/gentoo/pull/14779
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 dev-libs/icu/files/icu-65.1-integer-overflow.patch | 118 +++++++++++++++++
 dev-libs/icu/icu-65.1-r1.ebuild                    | 143 +++++++++++++++++++++
 2 files changed, 261 insertions(+)
Comment 2 Agostino Sarubbo gentoo-dev 2020-02-27 09:49:43 UTC
amd64 stable
Comment 3 Agostino Sarubbo gentoo-dev 2020-02-28 17:51:03 UTC
x86 stable
Comment 4 Rolf Eike Beer archtester 2020-02-29 12:03:45 UTC
sparc stable
Comment 5 Agostino Sarubbo gentoo-dev 2020-03-02 12:34:17 UTC
s390 stable
Comment 6 Agostino Sarubbo gentoo-dev 2020-03-02 12:38:10 UTC
ia64 stable
Comment 7 Agostino Sarubbo gentoo-dev 2020-03-02 12:40:47 UTC
ppc64 stable
Comment 8 Agostino Sarubbo gentoo-dev 2020-03-02 15:24:10 UTC
ppc stable
Comment 9 Agostino Sarubbo gentoo-dev 2020-03-05 12:49:48 UTC
arm stable
Comment 10 Mart Raudsepp gentoo-dev 2020-03-07 20:20:51 UTC
arm64 stable
Comment 11 Thomas Deutschmann (RETIRED) gentoo-dev 2020-03-15 01:04:37 UTC
*** Bug 712284 has been marked as a duplicate of this bug. ***
Comment 12 Thomas Deutschmann (RETIRED) gentoo-dev 2020-03-15 01:05:56 UTC
New GLSA request created.
Comment 13 Thomas Deutschmann (RETIRED) gentoo-dev 2020-03-15 01:11:41 UTC
@ maintainer(s): Note that the ICU 66 (66.1) that was released this month does not include the fix for this issue. So please keep an eye on this when adding next version!
Comment 14 GLSAMaker/CVETool Bot gentoo-dev 2020-03-15 01:38:48 UTC
This issue was resolved and addressed in
 GLSA 202003-15 at https://security.gentoo.org/glsa/202003-15
by GLSA coordinator Thomas Deutschmann (whissi).
Comment 15 Thomas Deutschmann (RETIRED) gentoo-dev 2020-03-15 01:39:27 UTC
Re-opening for remaining architecture.
Comment 16 Larry the Git Cow gentoo-dev 2020-03-15 13:32:47 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1792f28293cc855d2f1d35351909380f3c8c755d

commit 1792f28293cc855d2f1d35351909380f3c8c755d
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2020-03-15 12:03:37 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2020-03-15 13:31:55 +0000

    dev-libs/icu: drop all keywords from 65.1 except hppa
    
    Bug: https://bugs.gentoo.org/710758
    Package-Manager: Portage-2.3.94, Repoman-2.3.21
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 dev-libs/icu/icu-65.1.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 17 Rolf Eike Beer archtester 2020-03-16 17:47:15 UTC
hppa stable
Comment 18 Larry the Git Cow gentoo-dev 2020-03-16 21:29:09 UTC
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1356ba4a3dca719b189546d13a3198673bc25129

commit 1356ba4a3dca719b189546d13a3198673bc25129
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2020-03-16 21:06:01 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2020-03-16 21:28:33 +0000

    dev-libs/icu: Drop 65.1 (r0)
    
    Closes: https://bugs.gentoo.org/710758
    Package-Manager: Portage-2.3.94, Repoman-2.3.21
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 dev-libs/icu/icu-65.1.ebuild | 142 -------------------------------------------
 1 file changed, 142 deletions(-)