Resolves: rhbz#766542 CVE-2011-4599 Stack-based buffer overflow
parent
4511ad6d78
commit
af25243294
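--- a/icu.8984.CVE-2011-4599.patch
+++ b/icu.8984.CVE-2011-4599.patch
@@ -0,0 +1,20 @@
+--- icu/source/common/uloc.c
++++ icu/source/common/uloc.c
+@@ -1797,7 +1797,7 @@
+int32_t variantLen = _deleteVariant(variant, uprv_min(variantSize, (nameCapacity-len)), variantToCompare, n);
+len -= variantLen;
+if (variantLen > 0) {
+- if (name[len-1] == '_') { /* delete trailing '_' */
++ if (len > 0 && name[len-1] == '_') { /* delete trailing '_' */
+--len;
+}
+addKeyword = VARIANT_MAP[j].keyword;
+@@ -1805,7 +1805,7 @@
+break;
+}
+}
+- if (name[len-1] == '_') { /* delete trailing '_' */
++ if (len > 0 && len <= nameCapacity && name[len-1] == '_') { /* delete trailing '_' */
+--len;
+}
+}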
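Review bot: The first guard (inner hunk at 1797) checks only `len > 0`, while the second guard (inner hunk at 1805) also checks `len <= nameCapacity`; if len can exceed nameCapacity at the first site as well, which the second guard implies is possible, `name[len-1]` there still reads outside the buffer. Consider making both guards identical: `if (len > 0 && len <= nameCapacity && name[len-1] == '_') { /* delete trailing '_' */`. In that same state `nameCapacity-len` is negative, so the size passed through `uprv_min` to `_deleteVariant` on the line above may need a clamp or an early skip too. The enclosing function starts and ends outside the hunk, so whether len is bounded earlier cannot be confirmed from the lines shown.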
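--- a/icu.spec
+++ b/icu.spec
@@ -1,6 +1,6 @@
 Name: icu
 Version: 4.8.1
-Release: 2%{?dist}
+Release: 3%{?dist}
 Summary: International Components for Unicode
 Group: Development/Tools
 License: MIT and UCD and Public Domain
@@ -13,6 +13,7 @@ Requires: lib%{name} = %{version}-%{release}
 Patch1: icu.8198.revert.icu5431.patch
 Patch2: icu.8800.freeserif.crash.patch
 Patch3: icu.7601.Indic-ccmp.patch
+Patch4: icu.8984.CVE-2011-4599.patch
 
 %description
 Tools and utilities for developing with icu.
@@ -55,6 +56,7 @@ BuildArch: noarch
 %patch1 -p2 -R -b .icu8198.revert.icu5431.patch
 %patch2 -p1 -b .icu8800.freeserif.crash.patch
 %patch3 -p1 -b .icu7601.Indic-ccmp.patch
+%patch4 -p1 -b .icu8984.CVE-2011-4599.patch
 
 %build
 cd source
@@ -142,6 +144,10 @@ rm -rf $RPM_BUILD_ROOT
 %doc source/__docs/%{name}/html/*
 
 %changelog
+* Tue Dec 13 2011 Eike Rathke <erack@redhat.com> - 4.8.1-3
+- Resolves: rhbz#766542 CVE-2011-4599 Stack-based buffer overflow
+- add icu.8984.CVE-2011-4599.patch
+
 * Mon Oct 24 2011 Caolán McNamara <caolanm@redhat.com> - 4.8.1-2
 - Resolves: rhbz#747193 try and enable ccmp for Indic fonts
 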