Subject: CVS commit: [pkgsrc-2017Q1] pkgsrc/textproc/icu
From: Benny Siegert
Date: 2017-04-25 19:54:53
Message id: 20170425175453.50655FBE4@cvs.NetBSD.org

Log Message:
Pullup ticket #5357 - requested by maya
textproc/icu: security fix (backported)

ICU had a vulnerability (CVE-2017-786[78]).
Unfortunately, they fixed it by doing a major release and have previously
broken other packages at runtime with such updates.

I've made backports of all the changesets that were mentioned in any of
the links, specifically the oss-fuzz report was somewhat broad and
mentioned 39673 which backported several 'crash' changesets:
http://bugs.icu-project.org/trac/changeset/39663
http://bugs.icu-project.org/trac/changeset/39669
http://bugs.icu-project.org/trac/changeset/39671

The advisory only references code changes relevant to 39671, we could
limit the backport to that.
https://www.debian.org/security/2017/dsa-3830

I've run make replace and smoke-tested with midori.
They have a rather extensive testsuite. I've run it with 'make test' and
it didn't show any issues.

These are manual backports by myself as the patches did not apply
cleanly.

Files:
Revision    Action  File
1.107.4.1   modify  pkgsrc/textproc/icu/Makefile
1.63.4.1    modify  pkgsrc/textproc/icu/distinfo
1.1.2.1     add     pkgsrc/textproc/icu/patches/patch-common_rbbiscan.cpp
1.1.2.1     add     pkgsrc/textproc/icu/patches/patch-common_utext.cpp
1.1.2.1     add     pkgsrc/textproc/icu/patches/patch-i18n_regexcmp.cpp