This bug was fixed in the package icu - 67.1-6ubuntu2.1
---------------
icu (67.1-6ubuntu2.1) hirsute-security; urgency=medium
* SECURITY UPDATE: Double Free
- debian/patches/CVE-2021-30535-prereq.patch: Fix invalid free when
using long locale name in Locale functions in
source/common/locid.cpp.
- debian/patches/CVE-2021-30535.patch: Fix edge cases with baseName
in setKeywordValue function in source/common/locid.cpp to
prevent double free and protect from heap corruption.
- CVE-2021-30535
* fix failing tests causing build-time failure: (LP: #1951432)
- debian/patches/tzdata-2021b-tests.patch: Fix TestCalendar function
in source/test/cintltst/ccaltst.c and TestGenericAPI in
source/test/intltest/tztest.cpp to accept tz.version with longer
string size to prevent tests from failing.
- debian/patches/skip-tztests.patch: Skip specific Time Zones tests in
TestAliasedNames and TestCanonicalID functions in
source/test/intltest/tztest.cpp. They don't match with data from
updated tzdata and needed to be skiped to prevent tests from failing.
-- Rodrigo Figueiredo Zaiden <[email protected]> Thu, 18
Nov 2021 13:51:35 -0300
** Changed in: icu (Ubuntu)
Status: In Progress => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-30535
** Changed in: icu (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1951432
Title:
fail to build from source
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/icu/+bug/1951432/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
