[AUTO-CHERRYPICK] [AutoPR- Security] Patch icu for CVE-2025-5222 [HIGH] - branch 3.0-dev #14523

Merged
merged 1 commit into from
Aug 18, 2025

CBL-Mariner-Bot
Collaborator

This is an auto-generated pull request to cherry-pick commit 0a3a1d7 to 3.0-dev. Original PR: #14486

Co-authored-by: kgodara912 <kshigodara@outlook.com>
Co-authored-by: akhila-guruju <v-guakhila@microsoft.com>
(cherry picked from commit 0a3a1d7)
@CBL-Mariner-Bot CBL-Mariner-Bot requested a review from a team as a code owner August 15, 2025 18:43
@CBL-Mariner-Bot CBL-Mariner-Bot added the Auto Fast-track Cherry-pick Automatic cherry-pick from fast-track branch label Aug 15, 2025
@CBL-Mariner-Bot
Collaborator Author

✅ PR Check Passed

No critical issues detected in spec file changes.

🤖 AI Analysis Summary:

Brief Analysis:
This PR adds a new patch (CVE-2025-5222.patch) for ICU addressing a buffer overflow by switching from raw char arrays to a safer CharString implementation. The changes are accurately reflected in the spec file and changelog.

Critical Issues Found:
None noted – the patch file is present, referenced, and documented properly.

Recommended Actions:
• Verify that the %autosetup directive applies the patch correctly in the build.
• Confirm CI tests for memory safety and regression pass.
• Merge after security review validation.


📋 For detailed analysis and recommendations, check the Azure DevOps pipeline logs.

@PawelWMS PawelWMS merged commit 9233bd0 into 3.0-dev Aug 18, 2025
27 of 32 checks passed
@PawelWMS PawelWMS deleted the cblmargh/cherry-pick-pr-14486-to-3.0-dev branch August 18, 2025 19:00
Labels
3.0-dev PRs Destined for AzureLinux 3.0 Auto Fast-track Cherry-pick Automatic cherry-pick from fast-track branch Automatic PR Packaging