mamash
commented
6 years ago I just merged this. Note that when a major lib version is updated (e.g. libicu went from 58 to 60), all packages that may end up depending on the need a PKGREVISION bump, so that existing binary packages out there (e.g. on VMs already deployed) are forced to update too and not end up with a broken runtime link. This is best done when merging though, because you end up touching hundreds of packages and it may get nasty when other commits are involved.
Fixes: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7867 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7868 https://nvd.nist.gov/vuln/detail/CVE-2017-14952 https://nvd.nist.gov/vuln/detail/CVE-2017-14952 https://nvd.nist.gov/vuln/detail/CVE-2017-17484 https://nvd.nist.gov/vuln/detail/CVE-2017-17484