From 4457bb5bf106a91ed131a506269c5e09606c6f57 Mon Sep 17 00:00:00 2001
From: Max Rees <maxcrees@me.com>
Date: Mon, 16 Mar 2020 18:00:11 -0500
Subject: system/icu: patch CVE-2020-10531

Also remove obsolete CVE-2017-7867-7868.patch - this was merged since at
least 59.1 and was left over from when icu was originally pulled into the
system/ tree in 2018.
https://github.com/unicode-org/icu/commit/35a07bf89d64809b2e9af3cc90b53e3261677c53
---
 system/icu/APKBUILD | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

(limited to 'system/icu/APKBUILD')

diff --git a/system/icu/APKBUILD b/system/icu/APKBUILD
index 4165246a3..046698316 100644
--- a/system/icu/APKBUILD
+++ b/system/icu/APKBUILD
@@ -6,7 +6,7 @@ pkgver=65.1
 # convert x.y.z to x_y_z
 _ver=$(printf '%s' "$pkgver" | tr . _)
 
-pkgrel=0
+pkgrel=1
 pkgdesc="International Components for Unicode"
 url="http://site.icu-project.org/"
 arch="all"
@@ -17,6 +17,7 @@ makedepends=""
 subpackages="$pkgname-static $pkgname-dev $pkgname-doc $pkgname-libs"
 source="https://github.com/unicode-org/icu/releases/download/release-$(printf '%s' "$pkgver" | tr . -)/${pkgname}4c-$_ver-src.tgz
 	icu-60.2-always-use-utf8.patch
+	CVE-2020-10531.patch
 	"
 
 # secfixes:
@@ -27,6 +28,9 @@ source="https://github.com/unicode-org/icu/releases/download/release-$(printf '%
 #   58.2-r2:
 #     - CVE-2017-7867
 #     - CVE-2017-7868
+#   65.1-r1:
+#     - CVE-2020-10531
+
 builddir="$srcdir"/icu/source
 
 prepare() {
@@ -73,4 +77,5 @@ static() {
 }
 
 sha512sums="8f1ef33e1f4abc9a8ee870331c59f01b473d6da1251a19ce403f822f3e3871096f0791855d39c8f20c612fc49cda2c62c06864aa32ddab2dbd186d2b21ce9139  icu4c-65_1-src.tgz
-f86c62422f38f6485c58d4766e629bab69e4b0e00fa910854e40e7db1ace299152eaefa99ae2fbab7465e65d3156cbea7124612defa60680db58ab5c34d6262f  icu-60.2-always-use-utf8.patch"
+f86c62422f38f6485c58d4766e629bab69e4b0e00fa910854e40e7db1ace299152eaefa99ae2fbab7465e65d3156cbea7124612defa60680db58ab5c34d6262f  icu-60.2-always-use-utf8.patch
+2901235a24b1973516e495473188b077eb0486714ac47f702f226a3406176e913672159978b67548a1316284ecc716e06158b05c190ddfa83ad576a7a3539d72  CVE-2020-10531.patch"
-- 
cgit v1.2.3-70-g09d2