SUSE 5147 Published by

An icu.691 security update has been released for openSUSE Leap 15.3.



openSUSE-SU-2021:4063-1: important: Security update for icu.691


openSUSE Security Update: Security update for icu.691
______________________________________________________________________________

Announcement ID: openSUSE-SU-2021:4063-1
Rating: important
References: #1158955 #1159131 #1161007 #1162882 #1167603
#1182252 #1182645 SLE-17893
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________

An update that contains security fixes and contains one
feature can now be installed.

Description:

This update for icu.691 fixes the following issues:

- Renamed package from icu 69.1 for SUSE:SLE-15-SP3:Update. (jsc#SLE-17893)
- Fix undefined behaviour in 'ComplexUnitsConverter::applyRounder'

- Update to release 69.1
- For Norwegian, "no" is back to being the canonical code, with "nb"
treated as equivalent. This aligns handling of Norwegian with other
macro language codes.
- Binary prefixes in measurement units (KiB, MiB, etc.)
- Time zone offsets from local time with new APIs.
- Don't disable testsuite under 'qemu-linux-user'
- Fixed an issue when ICU test on 'aarch64 fails. (bsc#1182645)
- Drop 'SUSE_ASNEEDED' as the issue was in binutils. (bsc#1182252)
- Fix 'pthread' dependency issue. (bsc#1182252)

- Update to release 68.2
- Fix memory problem in 'FormattedStringBuilder'
- Fix assertion when 'setKeywordValue w/' long value.
- Fix UBSan breakage on 8bit of rbbi
- fix int32_t overflow in listFormat
- Fix memory handling in MemoryPool::operator=()
- Fix memory leak in AliasReplacer

- Add back icu.keyring.
- Update to release 68.1
- PluralRules selection for ranges of numbers
- Locale ID canonicalization now conforms to the CLDR spec including
edge cases
- DateIntervalFormat supports output options such as capitalization
- Measurement units are normalized in skeleton string output
- Time zone data (tzdata) version 2020d

- Add the provides for libicu to Make .Net core can install successfully.
(bsc#1167603, bsc#1161007)
- Update to version 67.1
- Unicode 13 (ICU-20893, same as in ICU 66)
- Total of 5930 new characters
- 4 new scripts
- 55 new emoji characters, plus additional new sequences
- New CJK extension, first characters in plane 3: U+30000..U+3134A
- New language at Modern coverage: Nigerian Pidgin
- New languages at Basic coverage: Fulah (Adlam), Maithili, Manipuri,
Santali, Sindhi (Devanagari), Sundanese
- Region containment: EU no longer includes GB
- Unicode 13 root collation data and Chinese data for collation and
transliteration
- DateTimePatternGenerator now obeys the "hc" preference in the locale
identifier
- Various other improvements for ECMA-402 conformance
- Number skeletons have a new "concise" form that can be used in
MessageFormat strings
- Currency formatting options for formal and other currency display name
variants
- ListFormatter: new public API to select the style & type
- ListFormatter now selects the proper ???and???/???or??? form for
Spanish & Hebrew.
- Locale ID canonicalization upgraded to implement the complete CLDR
spec.
- LocaleMatcher: New option to ignore one-way matches
- acceptLanguage() reimplemented via LocaleMatcher
- Data build tool: tzdbNames.res moved from the "zone_tree" category to
the "zone_supplemental" category
- Fixed uses of u8"literals" broken by the C++20 introduction of the
incompatible char8_t type
- and added a few API overloads to reduce the need for reinterpret_cast.
- Support for manipulating CLDR 37 unit identifiers in MeasureUnit.

- Drop icu-versioning. (bsc#1159131)
- Update to version 66.1
- Unicode 13 support
- Fix uses of u8"literals" broken by C++20 introduction of incompatible
char8_t type.

- Fixed an issue when Qt apps can't handle non-ASCII filesystem path.
([bsc#1162882)
- Remove '/usr/lib(64)/icu/current'. (bsc#1158955)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.3:

zypper in -t patch openSUSE-SLE-15.3-2021-4063=1


Package List:

- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):

icu.691-69.1-7.3.2
icu.691-debuginfo-69.1-7.3.2
icu.691-debugsource-69.1-7.3.2
icu.691-devel-69.1-7.3.2
icu.691-doc-69.1-7.3.2
libicu69-69.1-7.3.2
libicu69-debuginfo-69.1-7.3.2

- openSUSE Leap 15.3 (noarch):

libicu69-bedata-69.1-7.3.2
libicu69-ledata-69.1-7.3.2

References:

  https://bugzilla.suse.com/1158955
  https://bugzilla.suse.com/1159131
  https://bugzilla.suse.com/1161007
  https://bugzilla.suse.com/1162882
  https://bugzilla.suse.com/1167603
  https://bugzilla.suse.com/1182252
  https://bugzilla.suse.com/1182645