Stay Secure with the Latest Linux Advisories

security advisorysecurity updateimportant issues

openSUSE Leap 15.3: 2021:4063-1 Important: icu.691 Security Fix

An update that contains security fixes and contains one feature can now be installed. . openSUSE Security Update: Security update for icu.691 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2021:4063-1 Rating: important References: #1158955 #1159131 #1161007 #1162882 #1167603 #1182252 #1182645 SLE-17893 Affected Products: openSUSE Leap 15.3 ______________________________________________________________________________ An update that contains security fixes and contains one feature can now be installed. Description: This update for icu.691 fixes the following issues: - Renamed package from icu 69.1 for SUSE:SLE-15-SP3:Update. (jsc#SLE-17893) - Fix undefined behaviour in 'ComplexUnitsConverter::applyRounder' - Update to release 69.1 - For Norwegian, "no" is back to being the canonical code, with "nb" treated as equivalent. This aligns handling of Norwegian with other macro language codes. - Binary prefixes in measurement units (KiB, MiB, etc.) - Time zone offsets from local time with new APIs. - Don't disable testsuite under 'qemu-linux-user' - Fixed an issue when ICU test on 'aarch64 fails. (bsc#1182645) - Drop 'SUSE_ASNEEDED' as the issue was in binutils. (bsc#1182252) - Fix 'pthread' dependency issue. (bsc#1182252) - Update to release 68.2 - Fix memory problem in 'FormattedStringBuilder' - Fix assertion when 'setKeywordValue w/' long value. - Fix UBSan breakage on 8bit of rbbi - fix int32_t overflow in listFormat - Fix memory handling in MemoryPool::operator=() - Fix memory leak in AliasReplacer - Add back icu.keyring. - Update to release 68.1 - PluralRules selection for ranges of numbers - Locale ID canonicalization now conforms to the CLDR spec including edge cases - DateIntervalFormat supports output options such as capitalization - Measurementunits are normalized in skeleton string output - Time zone data (tzdata) version 2020d - Add the provides for libicu to Make .Net core can install successfully. (bsc#1167603, bsc#1161007) - Update to version 67.1 - Unicode 13 (ICU-20893, same as in ICU 66) - Total of 5930 new characters - 4 new scripts - 55 new emoji characters, plus additional new sequences - New CJK extension, first characters in plane 3: U+30000..U+3134A - New language at Modern coverage: Nigerian Pidgin - New languages at Basic coverage: Fulah (Adlam), Maithili, Manipuri, Santali, Sindhi (Devanagari), Sundanese - Region containment: EU no longer includes GB - Unicode 13 root collation data and Chinese data for collation and transliteration - DateTimePatternGenerator now obeys the "hc" preference in the locale identifier - Various other improvements for ECMA-402 conformance - Number skeletons have a new "concise" form that can be used in MessageFormat strings - Currency formatting options for formal and other currency display name variants - ListFormatter: new public API to select the style & type - ListFormatter now selects the proper ???and???/???or??? form for Spanish & Hebrew. - Locale ID canonicalization upgraded to implement the complete CLDR spec. - LocaleMatcher: New option to ignore one-way matches - acceptLanguage() reimplemented via LocaleMatcher - Data build tool: tzdbNames.res moved from the "zone_tree" category to the "zone_supplemental" category - Fixed uses of u8"literals" broken by the C++20 introduction of the incompatible char8_t type - and added a few API overloads to reduce the need for reinterpret_cast. - Support for manipulating CLDR 37 unit identifiers in MeasureUnit. - Drop icu-versioning. (bsc#1159131) - Update to version 66.1 - Unicode 13 support - Fix uses of u8"literals" broken by C++20introduction of incompatible char8_t type. - Fixed an issue when Qt apps can't handle non-ASCII filesystem path. ([bsc#1162882) - Remove '/usr/lib(64)/icu/current'. (bsc#1158955) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2021-4063=1 Package List: - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): icu.691-69.1-7.3.2 icu.691-debuginfo-69.1-7.3.2 icu.691-debugsource-69.1-7.3.2 icu.691-devel-69.1-7.3.2 icu.691-doc-69.1-7.3.2 libicu69-69.1-7.3.2 libicu69-debuginfo-69.1-7.3.2 - openSUSE Leap 15.3 (noarch): libicu69-bedata-69.1-7.3.2 libicu69-ledata-69.1-7.3.2 References: https://bugzilla.suse.com/1158955 https://bugzilla.suse.com/1159131 https://bugzilla.suse.com/1161007 https://bugzilla.suse.com/1162882 https://bugzilla.suse.com/1167603 https://bugzilla.suse.com/1182252 https://bugzilla.suse.com/1182645 . This critical Fedora update upgrades libpng.123 with improvements and additional capabilities, maintaining system reliability and efficiency.. openSUSE Updates, icu Security Fixes, Linux Patch Management. . Severity: Important. LinuxSecurity.com Team

Dec 14, 2021 •Important OpenSUSE