This bug was fixed in the package icu - 3.6-3ubuntu0.2
---------------
icu (3.6-3ubuntu0.2) gutsy-security; urgency=low
* SECURITY UPDATE: Cross-site scripting attack via invalid character
sequences (LP: #341834)
- debian/patches/03-cve-2008-1036.patch: Improve parsing logic in
source/common/{ucnv2022.c,ucnv_bld.*,ucnv.c,ucnvhz.c} to replace
invalid character sequences. Also, add test case to
source/test/{cintltst/nucnvtst.c,testdata/conversion.txt}.
- CVE-2008-1036
-- Marc Deslauriers <[email protected]> Wed, 25 Mar 2009
10:54:08 -0400
** Changed in: icu (Ubuntu)
Status: In Progress => Fix Released
--
empty segment fixes
https://bugs.launchpad.net/bugs/341834
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
