Security fix CVE-2013-2924, CVE-2013-0900

icu-CVE-2013-2924.patch

@@ -0,0 +1,29 @@
+Index: /icu/trunk/source/i18n/csrucode.cpp
+===================================================================
+--- /icu/trunk/source/i18n/csrucode.cpp	(revision 34075)
++++ /icu/trunk/source/i18n/csrucode.cpp	(revision 34076)
+@@ -34,6 +34,7 @@
+ {
+     const uint8_t *input = textIn->fRawInput;
++    int32_t length = textIn->fRawLength;
+ 
+-    if (input[0] == 0xFE && input[1] == 0xFF) {
++    if (length >=2 && input[0] == 0xFE && input[1] == 0xFF) {
+         return 100;
+     }
+@@ -58,6 +59,7 @@
+ {
+     const uint8_t *input = textIn->fRawInput;
++    int32_t length = textIn->fRawLength;
+ 
+-    if (input[0] == 0xFF && input[1] == 0xFE && (input[2] != 0x00 || input[3] != 0x00)) {
++    if (length >= 4 && input[0] == 0xFF && input[1] == 0xFE && (input[2] != 0x00 || input[3] != 0x00)) {
+         return 100;
+     }
+@@ -82,5 +84,5 @@
+     int32_t confidence = 0;
+ 
+-    if (getChar(input, 0) == 0x0000FEFFUL) {
++    if (limit > 0 && getChar(input, 0) == 0x0000FEFFUL) {
+         hasBOM = TRUE;
+     }

icu.spec

@@ -17,6 +17,8 @@ Source1:	http://download.icu-project.org/files/icu4c/%{version}/%{name}4c-%{tarb
 Patch0:		%{name}4c-3_8-setBreakType.patch
 Patch6:		icu-4.6.1-do-not-promote-ldflags.patch
 Patch7:		icu4c-4_8-CVE-2011-4599.diff
+Patch8:		icu.9737.CVE-2013-0900_changesets_32865_32908.patch
+Patch9:		icu-CVE-2013-2924.patch
 BuildRequires:	doxygen
 Requires:	%{libname} = %{epoch}:%{version}-%{release}
 BuildRoot:	%{_tmppath}/%{name}-%{version}-buildroot
@@ -80,6 +82,8 @@ Development files and headers for the International Components for Unicode.
 %patch0 -p1 -b .setBreakType
 %patch6 -p0 -b .ldflags
 %patch7 -p0 -b .CVE-2011-4599
+%patch8 -p1
+%patch9 -p3
 
 mkdir -p docs
 cd docs