openSUSE Security Update: Security update for icu.691
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2021:4063-1
Rating:             important
References:         #1158955 #1159131 #1161007 #1162882 #1167603 
                    #1182252 #1182645 SLE-17893 
Affected Products:
                    openSUSE Leap 15.3
______________________________________________________________________________

   An update that contains security fixes and contains one
   feature can now be installed.

Description:

   This update for icu.691 fixes the following issues:


   - Renamed package from icu 69.1 for SUSE:SLE-15-SP3:Update. (jsc#SLE-17893)
   - Fix undefined behaviour in 'ComplexUnitsConverter::applyRounder'

   - Update to release 69.1
     - For Norwegian, "no" is back to being the canonical code, with "nb"
       treated as equivalent. This aligns handling of Norwegian with other
       macro language codes.
     - Binary prefixes in measurement units (KiB, MiB, etc.)
     - Time zone offsets from local time with new APIs.
   - Don't disable testsuite under 'qemu-linux-user'
   - Fixed an issue when ICU test on 'aarch64 fails. (bsc#1182645)
   - Drop 'SUSE_ASNEEDED' as the issue was in binutils. (bsc#1182252)
   - Fix 'pthread' dependency issue. (bsc#1182252)

   - Update to release 68.2
     - Fix memory problem in 'FormattedStringBuilder'
     - Fix assertion when 'setKeywordValue w/' long value.
     - Fix UBSan breakage on 8bit of rbbi
     - fix int32_t overflow in listFormat
     - Fix memory handling in MemoryPool::operator=()
     - Fix memory leak in AliasReplacer

   - Add back icu.keyring.
   - Update to release 68.1
     - PluralRules selection for ranges of numbers
     - Locale ID canonicalization now conforms to the CLDR spec including
       edge cases
     - DateIntervalFormat supports output options such as capitalization
     - Measurement units are normalized in skeleton string output
     - Time zone data (tzdata) version 2020d

   - Add the provides for libicu to Make .Net core can install successfully.
     (bsc#1167603, bsc#1161007)
   - Update to version 67.1
     - Unicode 13 (ICU-20893, same as in ICU 66)
       - Total of 5930 new characters
       - 4 new scripts
       - 55 new emoji characters, plus additional new sequences
       - New CJK extension, first characters in plane 3: U+30000..U+3134A
       - New language at Modern coverage: Nigerian Pidgin
       - New languages at Basic coverage: Fulah (Adlam), Maithili, Manipuri,
         Santali, Sindhi (Devanagari), Sundanese
       - Region containment: EU no longer includes GB
       - Unicode 13 root collation data and Chinese data for collation and
         transliteration
     - DateTimePatternGenerator now obeys the "hc" preference in the locale
       identifier
     - Various other improvements for ECMA-402 conformance
     - Number skeletons have a new "concise" form that can be used in
       MessageFormat strings
     - Currency formatting options for formal and other currency display name
       variants
     - ListFormatter: new public API to select the style & type
     - ListFormatter now selects the proper ???and???/???or??? form for
       Spanish & Hebrew.
     - Locale ID canonicalization upgraded to implement the complete CLDR
       spec.
     - LocaleMatcher: New option to ignore one-way matches
     - acceptLanguage() reimplemented via LocaleMatcher
     - Data build tool: tzdbNames.res moved from the "zone_tree" category to
       the "zone_supplemental" category
     - Fixed uses of u8"literals" broken by the C++20 introduction of the
       incompatible char8_t type
     - and added a few API overloads to reduce the need for reinterpret_cast.
     - Support for manipulating CLDR 37 unit identifiers in MeasureUnit.

   - Drop icu-versioning. (bsc#1159131)
   - Update to version 66.1
     - Unicode 13 support
     - Fix uses of u8"literals" broken by C++20 introduction of incompatible
       char8_t type.

   - Fixed an issue when Qt apps can't handle non-ASCII filesystem path.
     ([bsc#1162882)
   - Remove '/usr/lib(64)/icu/current'. (bsc#1158955)


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.3:

      zypper in -t patch openSUSE-SLE-15.3-2021-4063=1



Package List:

   - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):

      icu.691-69.1-7.3.2
      icu.691-debuginfo-69.1-7.3.2
      icu.691-debugsource-69.1-7.3.2
      icu.691-devel-69.1-7.3.2
      icu.691-doc-69.1-7.3.2
      libicu69-69.1-7.3.2
      libicu69-debuginfo-69.1-7.3.2

   - openSUSE Leap 15.3 (noarch):

      libicu69-bedata-69.1-7.3.2
      libicu69-ledata-69.1-7.3.2


References:

   https://bugzilla.suse.com/1158955
   https://bugzilla.suse.com/1159131
   https://bugzilla.suse.com/1161007
   https://bugzilla.suse.com/1162882
   https://bugzilla.suse.com/1167603
   https://bugzilla.suse.com/1182252
   https://bugzilla.suse.com/1182645