diff options
Diffstat (limited to 'gnu/packages')
| -rw-r--r-- | gnu/packages/icu4c.scm | 10 | ||||
| -rw-r--r-- | gnu/packages/patches/icu4c-CVE-2017-14952.patch | 18 |
2 files changed, 28 insertions, 0 deletions
diff --git a/gnu/packages/icu4c.scm b/gnu/packages/icu4c.scm index 3461285850..55bc9f2035 100644 --- a/gnu/packages/icu4c.scm +++ b/gnu/packages/icu4c.scm @@ -32,6 +32,7 @@ (define-public icu4c (package (name "icu4c") + (replacement icu4c-fixed) (version "58.2") (source (origin (method url-fetch) @@ -70,6 +71,15 @@ C/C++ part.") (license x11) (home-page "http://site.icu-project.org/"))) +(define icu4c-fixed + (package + (inherit icu4c) + (source (origin + (inherit (package-source icu4c)) + (patches (append + (origin-patches (package-source icu4c)) + (search-patches "icu4c-CVE-2017-14952.patch"))))))) + (define-public java-icu4j (package (name "java-icu4j") diff --git a/gnu/packages/patches/icu4c-CVE-2017-14952.patch b/gnu/packages/patches/icu4c-CVE-2017-14952.patch new file mode 100644 index 0000000000..564f69d01d --- /dev/null +++ b/gnu/packages/patches/icu4c-CVE-2017-14952.patch @@ -0,0 +1,18 @@ +Fix CVE-2017-14952: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14952 + +Patch copied from upstream source repository: + +http://bugs.icu-project.org/trac/changeset/40324/trunk/icu4c/source/i18n/zonemeta.cpp#file0 + +Index: trunk/icu4c/source/i18n/zonemeta.cpp +=================================================================== +--- icu/source/i18n/zonemeta.cpp (revision 40283) ++++ icu/source/i18n/zonemeta.cpp (revision 40324) +@@ -691,5 +691,4 @@ + if (U_FAILURE(status)) { + delete mzMappings; +- deleteOlsonToMetaMappingEntry(entry); + uprv_free(entry); + break; |