guix-patches

[bug#40227] [PATCH] gnu: icu4c: Fix CVE-2020-10531.


From: Marius Bakke
Subject: [bug#40227] [PATCH] gnu: icu4c: Fix CVE-2020-10531.
Date: Wed, 25 Mar 2020 21:23:33 +0100
User-agent: Notmuch/0.29.3 (https://notmuchmail.org) Emacs/26.3 (x86_64-pc-linux-gnu)

Leo Famulari <address@hidden> writes:

> * gnu/packages/patches/icu4c-CVE-2020-10531.patch: New file.
> * gnu/local.mk (dist_patch_DATA): Add it.
> * gnu/packages/icu4c.scm (icu4c)[replacement]: New field.
> (icu4c/fixed): New variable.

[...]

> diff --git a/gnu/packages/patches/icu4c-CVE-2020-10531.patch 
> b/gnu/packages/patches/icu4c-CVE-2020-10531.patch
> new file mode 100644
> index 0000000000..e996783e75
> --- /dev/null
> +++ b/gnu/packages/patches/icu4c-CVE-2020-10531.patch
> @@ -0,0 +1,126 @@
> +Fix CVE-2020-10531:
> +
> +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10531
> +
> +Patch copied from upstream source repository:
> +
> +https://github.com/unicode-org/icu/commit/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca
> +
> +From b7d08bc04a4296982fcef8b6b8a354a9e4e7afca Mon Sep 17 00:00:00 2001
> +From: Frank Tang <address@hidden>
> +Date: Sat, 1 Feb 2020 02:39:04 +0000
> +Subject: [PATCH] ICU-20958 Prevent SEGV_MAPERR in append
> +
> +See #971
> +---
> + icu4c/source/common/unistr.cpp          |  6 ++-
> + icu4c/source/test/intltest/ustrtest.cpp | 62 +++++++++++++++++++++++++
> + icu4c/source/test/intltest/ustrtest.h   |  1 +
> + 3 files changed, 68 insertions(+), 1 deletion(-)
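
Review bot: The embedded upstream commit message carries a bare "See #971", which only resolves inside the upstream project's tracker and points nowhere from a standalone file under gnu/packages/patches. The header already gives the full upstream commit URL, so either drop that line or name the upstream repository it refers to. The diffstat also shows only 6 changed lines in unistr.cpp against 63 in the two intltest files; if the test additions are kept on purpose, say so in the comment at the top of the patch file.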

I'm not sure if the new test case as well as this git commit header is
necessary.  IMO it mostly adds noise to the patch.  I.e. the whole file
could be shortened to 6 lines + your comments at the top.

But no strong opinion, there is an argument to be made for preserving
upstream commits in their entirety too (I think).

So, LGTM either way.  Thank you!
