diff --git a/icu.spec b/icu.spec index 0ecda53..0e541e6 100644 --- a/icu.spec +++ b/icu.spec @@ -7,7 +7,7 @@ Summary: International Components for Unicode Name: icu Version: 4.8 -Release: %mkrel 1 +Release: 2 Epoch: 1 License: MIT Group: System/Libraries @@ -16,9 +16,9 @@ Source0: http://download.icu-project.org/files/icu4c/%{version}/%{name}4c-%{tarb Source1: http://download.icu-project.org/files/icu4c/%{version}/%{name}4c-%{tarballver}-docs.zip Patch0: %{name}4c-3_8-setBreakType.patch Patch6: icu-4.6.1-do-not-promote-ldflags.patch +Patch7: icu4c-4_8-CVE-2011-4599.diff BuildRequires: doxygen -Requires: %{libname} = %{epoch}:%{version}-%{release} -BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot +Requires: %{libname} >= %{epoch}:%{version}-%{release} %description The International Components for Unicode (ICU) libraries provide robust and @@ -48,7 +48,7 @@ include: %package doc Summary: Documentation for the International Components for Unicode Group: System/Libraries -Requires: %{name} = %{epoch}:%{version}-%{release} +Requires: %{name} >= %{epoch}:%{version}-%{release} %description doc Documentation for the International Components for Unicode. @@ -63,7 +63,7 @@ Libraries for the International Components for Unicode. %package -n %{develname} Summary: Development files for the International Components for Unicode Group: Development/Other -Requires: %{libname} = %{epoch}:%{version}-%{release} +Requires: %{libname} >= %{epoch}:%{version}-%{release} Provides: %{name}%{major}-devel = %{epoch}:%{version}-%{release} Provides: %{name}-devel = %{epoch}:%{version}-%{release} Provides: lib%{name}-devel = %{epoch}:%{version}-%{release} @@ -75,9 +75,11 @@ Obsoletes: %mklibname -d icu 34 Development files and headers for the International Components for Unicode. %prep + %setup -q -n %{name} %patch0 -p1 -b .setBreakType %patch6 -p0 -b .ldflags +%patch7 -p0 -b .CVE-2011-4599 mkdir -p docs cd docs @@ -108,35 +110,20 @@ pushd source %makeinstall_std popd -%clean -rm -rf %{buildroot} - -%if %mdkversion < 200900 -%post -n %{libname} -p /sbin/ldconfig -%endif - -%if %mdkversion < 200900 -%postun -n %{libname} -p /sbin/ldconfig -%endif - %files -%defattr(-,root,root) %{_bindir}/* %exclude %{_bindir}/icu-config %{_sbindir}/* %files doc -%defattr(-,root,root) %doc readme.html docs/* %{_mandir}/man1/* %{_mandir}/man8/* %files -n %{libname} -%defattr(-,root,root) %{_libdir}/*.so.%{major}* %files -n %{develname} -%defattr(-,root,root) %{_bindir}/icu-config %{_libdir}/*.so %{_libdir}/pkgconfig/*.pc @@ -151,7 +138,11 @@ rm -rf %{buildroot} %changelog -* Sun Jun 05 2011 Funda Wang 1:4.8-1mdv2011.0 +* Thu Jan 12 2012 Oden Eriksson 1:4.8-2 ++ Revision: 760505 +- sync with MDVSA-2011:194 + +* Sun Jun 05 2011 Funda Wang 1:4.8-1 + Revision: 682800 - new version 4.8 @@ -251,7 +242,7 @@ rm -rf %{buildroot} + Revision: 158374 - fix CVE 2007-4770 and 4771 - + Olivier Blin + + Olivier Blin - restore BuildRoot + Thierry Vignaud diff --git a/icu4c-4_8-CVE-2011-4599.diff b/icu4c-4_8-CVE-2011-4599.diff new file mode 100644 index 0000000..bb06141 --- /dev/null +++ b/icu4c-4_8-CVE-2011-4599.diff @@ -0,0 +1,24 @@ + +https://bugzilla.redhat.com/show_bug.cgi?id=765812 +(icu-4.2.1-9.1.el6_2.src.rpm) + +--- source/common/uloc.c 2011-05-23 21:56:08.000000000 +0000 ++++ source/common/uloc.c.oden 2011-12-27 10:20:29.000000000 +0000 +@@ -1797,7 +1797,7 @@ _canonicalize(const char* localeID, + int32_t variantLen = _deleteVariant(variant, uprv_min(variantSize, (nameCapacity-len)), variantToCompare, n); + len -= variantLen; + if (variantLen > 0) { +- if (name[len-1] == '_') { /* delete trailing '_' */ ++ if (len > 0 && name[len-1] == '_') { /* delete trailing '_' */ + --len; + } + addKeyword = VARIANT_MAP[j].keyword; +@@ -1805,7 +1805,7 @@ _canonicalize(const char* localeID, + break; + } + } +- if (name[len-1] == '_') { /* delete trailing '_' */ ++ if (len > 0 && len <= nameCapacity && name[len-1] == '_') { /* delete trailing '_' */ + --len; + } + }