Leo Famulari <leo@famulari.name> writes:
Toggle quote (5 lines)
> * gnu/packages/patches/icu4c-CVE-2020-10531.patch: New file.> * gnu/local.mk (dist_patch_DATA): Add it.> * gnu/packages/icu4c.scm (icu4c)[replacement]: New field.> (icu4c/fixed): New variable.
[...]
Toggle quote (26 lines)
> diff --git a/gnu/packages/patches/icu4c-CVE-2020-10531.patch b/gnu/packages/patches/icu4c-CVE-2020-10531.patch> new file mode 100644> index 0000000000..e996783e75> --- /dev/null> +++ b/gnu/packages/patches/icu4c-CVE-2020-10531.patch> @@ -0,0 +1,126 @@> +Fix CVE-2020-10531:> +> +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10531> +> +Patch copied from upstream source repository:> +> +https://github.com/unicode-org/icu/commit/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca> +> +From b7d08bc04a4296982fcef8b6b8a354a9e4e7afca Mon Sep 17 00:00:00 2001> +From: Frank Tang <ftang@chromium.org>> +Date: Sat, 1 Feb 2020 02:39:04 +0000> +Subject: [PATCH] ICU-20958 Prevent SEGV_MAPERR in append> +> +See #971> +---> + icu4c/source/common/unistr.cpp | 6 ++-> + icu4c/source/test/intltest/ustrtest.cpp | 62 +++++++++++++++++++++++++> + icu4c/source/test/intltest/ustrtest.h | 1 +> + 3 files changed, 68 insertions(+), 1 deletion(-)
I'm not sure if the new test case as well as this git commit header isnecessary. IMO it mostly adds noise to the patch. I.e. the whole filecould be shortened to 6 lines + your comments at the top.
But no strong opinion, there is an argument to be made for preservingupstream commits in their entirety too (I think).
So, LGTM either way. Thank you!