Layout Engine security fix for CVE-2013-5907
Description
The following fix was applied to ICU embedded in OpenJDK:
http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/9d29c19f1de1
The same fix seems applicable to the current ICU trunk, but isn't applied there yet. Is it unneeded for some less obvious reason, or just not committed yet?
Activity
Show:
TracBot
June 30, 2018, 11:59 PM
Trac Comment 6 by —2015-12-17T18:01:25.645Z
le_int32 store = (le_uint32)order;
signed/unsigned mismatch, please fix
TracBot
June 30, 2018, 11:59 PM
Trac Comment 1 by —2014-02-06T18:17:57.345Z
It is applicable and needs to be committed.