Issue 106904 - ICU needs to be updated because of known security vulnerability
Summary: ICU needs to be updated because of known security vulnerability
Alias: None
Product: Internationalization
Classification: Code
Component: code (show other issues)
Version: OOO320m4
Hardware: All All
: P3 Trivial (vote)
Target Milestone: ---
Assignee: stefan.baltzer
QA Contact: issues@l10n
: 104564 (view as issue list)
Depends on:
Blocks: 99999 104564
  Show dependency tree
Reported: 2009-11-13 15:28 UTC by malte_timmermann
Modified: 2017-05-20 11:42 UTC (History)
1 user (show)

See Also:
Issue Type: DEFECT
Latest Confirmation in: ---
Developer Difficulty: ---


Note You need to log in before you can comment on or make changes to this issue.
Description malte_timmermann 2009-11-13 15:28:56 UTC 
OOo is _NOT_ affected, but we don't want to ship the vulnerable version in newer
Comment 1 malte_timmermann 2009-11-13 15:29:48 UTC
ooo 3.2 (security)
Comment 2 ooo 2009-11-16 13:11:05 UTC
Will upgrade ICU to 4.0.1 in CWS icuooo32.

Further references:

OOo does not use the vulnerable character conversions.
Comment 3 ooo 2009-11-17 15:15:38 UTC
In cws icuooo32:

revision 277537
D icu/download/icu-4.0.tar.gz
A icu/download/icu4c-4_0_1-src.tgz
D icu/icu-4.0.patch
A icu/icu4c-4_0_1-src.patch
M icu/
M icu/
Comment 4 ooo 2009-11-30 12:52:24 UTC
To QA.
Comment 5 stefan.baltzer 2009-11-30 13:09:26 UTC
Verified in CWS icuooo32.
Comment 6 2010-08-17 11:31:13 UTC
*** Issue 104564 has been marked as a duplicate of this issue. ***