[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 291-1] libidn security update



Package        : libidn
Version        : 1.15-2+deb6u2

Adam Sampson found a vulnerability in GNU Libidn, library that
implements the IETF IDN specifications. Libdin incorrectly handled
invalid UTF-8 input, causing it to bad free(). This issue was introduced
by the fix for CVE-2015-2059.

For Debian 6 “Squeeze”, this issue has been fixed in the 1.15-2+deb6u2
version of libidn.

Attachment: signature.asc
Description: Digital signature


Reply to: