gnu: icu4c: Add fixes for CVE-2014-6585 and CVE-2015-1270.

* gnu/packages/patches/icu4c-CVE-2014-6585.patch,
  gnu/packages/patches/icu4c-CVE-2015-1270.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/icu4c.scm (icu4c)[source]: Add patches.

1 files changed, 15 insertions, 0 deletions

diff --git a/gnu/packages/patches/icu4c-CVE-2015-1270.patch b/gnu/packages/patches/icu4c-CVE-2015-1270.patch
new file mode 100644
index 0000000000..2a7658d36e
--- /dev/null
+++ b/gnu/packages/patches/icu4c-CVE-2015-1270.patch
@@ -0,0 +1,15 @@
+Copied from Debian.
+
+diff --git a/source/common/ucnv_io.cpp b/source/common/ucnv_io.cpp
+index 5dd35d8..4424664 100644
+--- a/source/common/ucnv_io.cpp
++++ b/source/common/ucnv_io.cpp
+@@ -744,7 +744,7 @@ ucnv_io_getConverterName(const char *alias, UBool *containsOption, UErrorCode *p
+              * the name begins with 'x-'. If it does, strip it off and try
+              * again.  This behaviour is similar to how ICU4J does it.
+              */
+-            if (aliasTmp[0] == 'x' || aliasTmp[1] == '-') {
++            if (aliasTmp[0] == 'x' && aliasTmp[1] == '-') {
+                 aliasTmp = aliasTmp+2;
+             } else {
+                 break;