[gnome-continuous-yocto/gnomeostree-3.28-rocko: 8219/8267] icu: CVE-2017-14952
- From: Emmanuele Bassi <ebassi src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-continuous-yocto/gnomeostree-3.28-rocko: 8219/8267] icu: CVE-2017-14952
- Date: Sun, 17 Dec 2017 07:20:40 +0000 (UTC)
commit c6d473f460f1eb7f6605057e10b12cab2ab78f5f
Author: Ovidiu Panait <ovidiu panait windriver com>
Date: Fri Nov 10 17:46:10 2017 +0200
icu: CVE-2017-14952
Double free in i18n/zonemeta.cpp in International Components for Unicode
(ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary
code via a crafted string, aka a "redundant UVector entry clean up
function call" issue.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-14952
Upstream patches:
http://bugs.icu-project.org/trac/changeset/40324/trunk/icu4c/source/i18n/zonemeta.cpp
(From OE-Core rev: 16006869e30395dd758a1797e324567ec4f8e074)
Signed-off-by: Ovidiu Panait <ovidiu panait windriver com>
Signed-off-by: Ross Burton <ross burton intel com>
(cherry picked from commit 4ff12a8bf2b8d094085afbe8fa1d43f781cfa79d)
Signed-off-by: Armin Kuster <akuster808 gmail com>
Signed-off-by: Richard Purdie <richard purdie linuxfoundation org>
meta/recipes-support/icu/icu/CVE-2017-14952.patch | 28 +++++++++++++++++++++
meta/recipes-support/icu/icu_59.1.bb | 1 +
2 files changed, 29 insertions(+), 0 deletions(-)
---
diff --git a/meta/recipes-support/icu/icu/CVE-2017-14952.patch
b/meta/recipes-support/icu/icu/CVE-2017-14952.patch
new file mode 100644
index 0000000..f759efc
--- /dev/null
+++ b/meta/recipes-support/icu/icu/CVE-2017-14952.patch
@@ -0,0 +1,28 @@
+From fc83cd832725d3968011f118637b9f5d212e8717 Mon Sep 17 00:00:00 2001
+From: Ovidiu Panait <ovidiu panait windriver com>
+Date: Fri, 10 Nov 2017 16:51:25 +0200
+Subject: [PATCH] Removed redundant UVector entry clean up function call.
+
+Upstream-Status: Backport
+CVE: CVE-2017-14952
+
+Signed-off-by: Ovidiu Panait <ovidiu panait windriver com>
+---
+ i18n/zonemeta.cpp | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/i18n/zonemeta.cpp b/i18n/zonemeta.cpp
+index 84a9657..e163b00 100644
+--- a/i18n/zonemeta.cpp
++++ b/i18n/zonemeta.cpp
+@@ -690,7 +690,6 @@ ZoneMeta::createMetazoneMappings(const UnicodeString &tzid) {
+ mzMappings = new UVector(deleteOlsonToMetaMappingEntry, NULL, status);
+ if (U_FAILURE(status)) {
+ delete mzMappings;
+- deleteOlsonToMetaMappingEntry(entry);
+ uprv_free(entry);
+ break;
+ }
+--
+2.10.2
+
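Review bot: The backport header in the new patch file (the lines from "Upstream-Status: Backport" to "CVE: CVE-2017-14952") does not name the upstream change it was taken from; the changeset URL appears only in the outer commit message. Put the reference in the patch header as well, so the provenance stays with the file once it is copied or rebased apart from this commit. On the code itself, the U_FAILURE branch now keeps uprv_free(entry) as its only release of entry, which agrees with the double free described in the commit message. A sentence in the patch description saying that deleteOlsonToMetaMappingEntry(entry) and uprv_free(entry) were both releasing the same pointer would make the one-line deletion self-explanatory.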
diff --git a/meta/recipes-support/icu/icu_59.1.bb b/meta/recipes-support/icu/icu_59.1.bb
index 31f017b..9fb1be8 100644
--- a/meta/recipes-support/icu/icu_59.1.bb
+++ b/meta/recipes-support/icu/icu_59.1.bb
@@ -17,6 +17,7 @@ SRC_URI = "${BASE_SRC_URI} \
file://icu-pkgdata-large-cmd.patch \
file://fix-install-manx.patch \
file://0001-i18n-Drop-include-xlocale.h.patch \
+ file://CVE-2017-14952.patch \
"
SRC_URI_append_class-target = "\
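Review bot: The new "file://CVE-2017-14952.patch" entry relies on the recipe's source directory and patch strip level matching the paths inside the patch, which are rooted at i18n/zonemeta.cpp, while the upstream reference in the commit message uses trunk/icu4c/source/i18n/zonemeta.cpp. Confirm that the patch applies cleanly in a fresh do_patch run for icu_59.1.bb. Placing the entry in the shared SRC_URI rather than in SRC_URI_append_class-target is the right choice, since every build class then gets the fix.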