Debian Package Tracker

From: Laszlo Boszormenyi (GCS) <gcs@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted icu 52.1-8+deb8u4 (source all amd64) into proposed-updates->stable-new, proposed-updates
Date: Sat, 03 Dec 2016 22:32:09 +0000
Signed by: Laszlo Boszormenyi <gcs@gcs.org.hu>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 10 Sep 2016 12:41:51 +0000
Source: icu
Binary: libicu52 libicu52-dbg libicu-dev icu-devtools icu-doc
Architecture: source all amd64
Version: 52.1-8+deb8u4
Distribution: jessie-security
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Description:
 icu-devtools - Development utilities for International Components for Unicode
 icu-doc    - API documentation for ICU classes and functions
 libicu-dev - Development files for International Components for Unicode
 libicu52   - International Components for Unicode
 libicu52-dbg - International Components for Unicode
Closes: 838694
Changes:
 icu (52.1-8+deb8u4) jessie-security; urgency=high
 .
   * Backport upstream fix for CVE-2014-9911: buffer overflow problem in
     uresbund.cpp .
   * Backport upstream fix for CVE-2015-2632: unspecified vulnerability allows
     remote attackers to affect confidentiality via unknown vectors.
   * Backport upstream fix for CVE-2015-4844: missing boundary checks in
     layout engine.
   * Backport upstream fix for CVE-2016-0494: integer signedness issue in
     IndicRearrangementProcessor.
   * Backport upstream fix for CVE-2016-6293: the uloc_acceptLanguageFromHTTP
     function does not ensure that there is a '\0' character at the end of a
     certain temporary array.
   * Backport upstream fix for CVE-2016-7415: stack-based buffer overflow in
     the Locale class via a long locale string (closes: #838694).
Checksums-Sha1:
 a418170840c349ce3f13be3a10c3e06110229127 2015 icu_52.1-8+deb8u4.dsc
 f15e0b4672a166f0972421d5c4057cc09a5f68fe 35588 icu_52.1-8+deb8u4.debian.tar.xz
 d50459e760db3662a9b460f7598c81f0ee753e1d 2631750 icu-doc_52.1-8+deb8u4_all.deb
 51e46195f86939e8d12a847b5e79a9a368dc69d4 6791206 libicu52_52.1-8+deb8u4_amd64.deb
 597ae811385d75ee3ddf14cf44b6f3112ee57cad 5936428 libicu52-dbg_52.1-8+deb8u4_amd64.deb
 061e72fe500e8c4f3cb29dd273d53e4dce2cba52 7641108 libicu-dev_52.1-8+deb8u4_amd64.deb
 c29d89cce309725978aca5907d494b8d16304114 172472 icu-devtools_52.1-8+deb8u4_amd64.deb
Checksums-Sha256:
 cabdf27f9976550a61f1b5c84d7353f19f3338b55b2b9002f0db593fccda86c7 2015 icu_52.1-8+deb8u4.dsc
 cf298a04a576aaa8016d25ebe1387f6c923de1acea4411a27f9858bf1af72f5a 35588 icu_52.1-8+deb8u4.debian.tar.xz
 0b9c79ad24640bebe3a5ae4616e0adbcf0e3d7ca9499f74bce7436eab95bc282 2631750 icu-doc_52.1-8+deb8u4_all.deb
 d093682f5e37be6dd2ddde27919d73d1504f0f55681d2391eca141a4f5bb2551 6791206 libicu52_52.1-8+deb8u4_amd64.deb
 8b72fd149776759082100c1a859cb615a801a5c496e633350224f8d0639db243 5936428 libicu52-dbg_52.1-8+deb8u4_amd64.deb
 41f61bb03fcc75e66a1506ad767a9d3b534146630434685e0ff21948ee01e805 7641108 libicu-dev_52.1-8+deb8u4_amd64.deb
 a9817ffb9602efded068be2632e1b29453c153e4ea7d66b06028c1731f496fa0 172472 icu-devtools_52.1-8+deb8u4_amd64.deb
Files:
 61ad760e42c2af05dd4769f2c15824f1 2015 libs optional icu_52.1-8+deb8u4.dsc
 77a596741aed9fad6ea5bac64c84c52c 35588 libs optional icu_52.1-8+deb8u4.debian.tar.xz
 f412d6e099f67eaa7667b0ec55f6bdc3 2631750 doc optional icu-doc_52.1-8+deb8u4_all.deb
 b0bc812b59254114fa8e5f758501fec7 6791206 libs optional libicu52_52.1-8+deb8u4_amd64.deb
 10d1048e284ed6e3984b687a235332ad 5936428 debug extra libicu52-dbg_52.1-8+deb8u4_amd64.deb
 844e68100d68e723d0a015eaa1815872 7641108 libdevel optional libicu-dev_52.1-8+deb8u4_amd64.deb
 b73259a4381f7b84cef871fdf4b9c067 172472 libdevel optional icu-devtools_52.1-8+deb8u4_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEfYh9yLp7u6e4NeO63OMQ54ZMyL8FAlg6uisACgkQ3OMQ54ZM
yL8u2Q//QMP5UCvHFG8K7T5a0ycyCY5NwszCfpHgtKSEmtTL+9lxqPS7X+g2Vgtz
ojIiH5Rii9NwkvU/UIhHHxI6avDBEoEtQ2n15kGCfrM6sjI0DJ+sjz3ha9KMKwpL
r61iTEpKAJuQ+CePIRwIbbA3O6hnZmz0XnC8DCOS2WmlyjD5DwndqgfvXjUyVI2F
88XUqkrZIql3GmzZaKHhd9kRQiTuLQ1Yoriw53ETQGSGtqDsFBZHblV/IL40lj3n
bSlf9f8cWzfSDb2Pxy/2nigHBbMXPC78TeXnbfscO9JXSmH4wdV8RZ/Dpry4tpGx
Ts7GpcgbxaOlW+Kc/PNOyirUu6XBP3JdDJD738tyRMlWpZAuylVavyjA0PTXytft
Ba+stK+N74AiQYbeVSi4CjnAUkU2GnvCahzwi4iRVOs73B41Vsmbj/tcjxjFk/aL
o0tloIgSIct40+Fj/Y/OjuXEZMMuPl5dqkM27fLB0ynQlCLb23DMyhuzGSowBrgf
Qqed2Wj56HeX9RXgTjFIkzGIED8JxJ683K6Ih354VE5gq+gJ8bZ26iSUV0PP78Hd
o6FIqMtzyMXpFx9evwIqNIo8aJUS4mGTBAVIC9xGnSYYWxyeJFjz2Xjs2F6jFhbQ
OLHZh46h1K12avdeijHHxYP04UlHnrdxMm/AEkOGCKh3TIQw+m4=
=roEz
-----END PGP SIGNATURE-----
News for package icu
