Thank you for the suggestion. I linked to the upstream bug report that
describes the issue, but I can see that it's helpful to have a brief
summary in both downstream issues.

Previously, the C/C++ version of libphonenumber was accepting and
parsing phone numbers that have malformed UTF-8 sequences in them, by
converting the offending bytes to spaces. It now rejects the input
instead of returning a phone number, which the Java version has always
done. Accepting malformed UTF-8 is a potential security issue.

libphonenumber was also accepting well-formed input containing invalid
code points like U+0096 (a C1 control character), which can be the result
of a bad conversion from the Windows-1252 legacy encoding, where EN DASH
(U+2013) is represented by \x96. If the legacy text is treated as
ISO-8859-1 instead of Windows-1252, \x96 will be converted to U+0096
instead of U+2013. This type of input is now rejected as well.

Let me know if this explanation could be improved.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1958308

Title:
  New upstream release - please update
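
The two rejection cases described in the message above, as an added example that is not libphonenumber's code and not part of the original message. `Verdict`, `CheckInput` and `Latin1ToUtf8` are hypothetical names, and rejecting the whole C1 range U+0080 to U+009F (the message names only U+0096) is an assumption of this sketch.

```cpp
#include <cstddef>
#include <cstdint>
#include <string>

enum class Verdict { kOk, kMalformedUtf8, kDisallowedCodePoint };

// Strict UTF-8 check (RFC 3629): rejects invalid lead bytes, stray or missing
// continuation bytes, truncated sequences, overlong forms, surrogates and
// values above U+10FFFF, instead of replacing the offending bytes.
// Well-formed input that decodes to a C1 control is rejected separately.
Verdict CheckInput(const std::string& s) {
  std::size_t i = 0;
  while (i < s.size()) {
    const uint8_t b0 = static_cast<uint8_t>(s[i]);
    uint32_t cp = 0, min = 0;
    std::size_t len = 0;
    if (b0 < 0x80)                { cp = b0;        len = 1; min = 0; }
    else if ((b0 & 0xE0) == 0xC0) { cp = b0 & 0x1F; len = 2; min = 0x80; }
    else if ((b0 & 0xF0) == 0xE0) { cp = b0 & 0x0F; len = 3; min = 0x800; }
    else if ((b0 & 0xF8) == 0xF0) { cp = b0 & 0x07; len = 4; min = 0x10000; }
    else return Verdict::kMalformedUtf8;  // e.g. a raw \x96 byte
    if (i + len > s.size()) return Verdict::kMalformedUtf8;  // truncated
    for (std::size_t k = 1; k < len; ++k) {
      const uint8_t b = static_cast<uint8_t>(s[i + k]);
      if ((b & 0xC0) != 0x80) return Verdict::kMalformedUtf8;
      cp = (cp << 6) | (b & 0x3F);
    }
    if (cp < min || cp > 0x10FFFF || (cp >= 0xD800 && cp <= 0xDFFF))
      return Verdict::kMalformedUtf8;  // overlong, out of range or surrogate
    if (cp >= 0x80 && cp <= 0x9F)
      return Verdict::kDisallowedCodePoint;  // C1 control such as U+0096
    i += len;
  }
  return Verdict::kOk;
}

// The bad conversion from the message: legacy bytes decoded as ISO-8859-1,
// where each byte value is used directly as the code point (\x96 -> U+0096).
std::string Latin1ToUtf8(const std::string& in) {
  std::string out;
  for (unsigned char c : in) {
    if (c < 0x80) { out += static_cast<char>(c); continue; }
    out += static_cast<char>(0xC0 | (c >> 6));
    out += static_cast<char>(0x80 | (c & 0x3F));
  }
  return out;
}
```

A raw Windows-1252 byte string fails as malformed UTF-8, the same bytes run through the ISO-8859-1 conversion fail on the C1 code point, and only the input carrying a real U+2013 (`\xE2\x80\x93`) passes the encoding check.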
