Bug#726477: icu: CVE-2013-2924

[Jay Berkenbilt]

Moritz Muehlenhoff j...@inutil.org wrote:

 Package: icu
 Severity: grave
 Tags: security
 Justification: user security hole

 The Chrome developers found a security issue in the included ICU:
 http://googlechromereleases.blogspot.de/2013/10/stable-channel-update.html

 The bug http://bugs.icu-project.org/trac/ticket/10318 is restricted, but
 the patch can be found here:
 https://ssl.icu-project.org/trac/changeset/34076

Sorry for not getting to this quickly.  I will wait for the NMU to
transition to jessie and then incorporate it.  I am going to hopefully
have time this weekend to catch up on my debian work including packaging
ICU 52 and requesting a transition.  I will make sure the fix is
incorporated into ICU 52 or, if not, carry the patch forward.

-- 
Jay Berkenbilt q...@debian.org


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#726477: icu: CVE-2013-2924

[Moritz Muehlenhoff]

Package: icu
Severity: grave
Tags: security
Justification: user security hole

The Chrome developers found a security issue in the included ICU:
http://googlechromereleases.blogspot.de/2013/10/stable-channel-update.html

The bug http://bugs.icu-project.org/trac/ticket/10318 is restricted, but
the patch can be found here:
https://ssl.icu-project.org/trac/changeset/34076

Cheers,
Moritz


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org