[Buildroot] [PATCH RESEND] package/icu: bump to version 68-1
Peter Korsgaard
peter at korsgaard.com
Mon Nov 23 12:20:20 UTC 2020
>>>>> "Heiko" == Heiko Stuebner <heiko at sntech.de> writes:
> From: Heiko Stuebner <heiko.stuebner at theobroma-systems.com>
> This includes the fix [0] for CVE-2020-10531 .
> [0] https://github.com/unicode-org/icu/commit/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca
> Signed-off-by: Heiko Stuebner <heiko.stuebner at theobroma-systems.com>
> ---
> I'm not sure if I did something wrong in the initial submission,
> but so far got no response at all, so am including some more
> people who recently committed changes to icu.
> As this fixes a CVE, I guess this might need some sort of priority.
There is quite some pending patches. It would be good to explicitly mark
it as a security fix, E.G. 'package/icu: security bump to version 68-1',
to make sure it isn't missed for master, as package bumps otherwise now
only go to next as we are busy getting 2020.11 stablized and released.
How much have you tested this? New icu releases unfortunately have a
tendency to cause various breakage? Would it be an option to backport
this fix to the 67-1 release for 2020.11 / 2020.02 and only bump to 68-1
for next?
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list