[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1085-1] libidn2-0 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : libidn2-0
Version        : 0.8-2+deb7u1
CVE ID         : CVE-2017-14062
Debian Bug     : #873902

It was discovered that there was an integer overflow vulnerability
in libidn2-0's Punycode handling (an encoding used to convert Unicode
characters to ASCII) which would have allowed attackers to cause a
remote denial of service.

For Debian 7 "Wheezy", this issue has been fixed in libidn2-0 version
0.8-2+deb7u1.

We recommend that you upgrade your libidn2-0 packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlmrpEoACgkQHpU+J9Qx
HlgokRAAtboH1YFhA3YDu+GMfZQB3KCDmsVcVp1bl9AnQNnv9jqhJonk2GQF9rGY
NDNysLe9C7mnfuOpD8wV9+wHWafJWQx/mgeGDVbVbnEMP9Gb3EKpaWOLaJlBTfUm
TNHzdpcGnrc9vDey8Q5dZUbgDflLyFcJ/t0oNpAV0MWWYAQuh3+ndwDDQhXbesb6
h0jUjouISo9snhodwvGafVUCdbFgZp9uB3Yskgn9bYgAbmih/CKlygZuXiVFlOmq
G1i5RUKxU0wdSu6fwgDgN8XedTMkH8Fwjf3NWq18Uq5G2Lfn6k2L31WoqlQYanIb
G5wQzXGDXe7nSa/C07udi2ehueHKWdhmhEUUpG2ddRqekrDECS45198bFvLVnSwZ
MBjAGixB3i54Wv3lkrZtWi2OqRu7VVolC49ZM94fJSVDLeAReJjVsbRF9tJzy9a3
hHTOvGNCI5yrz3MbtnwRyRZ5HCOyIBwmpAfvfaEBgrbsekYJYkAjCQRd6H/1AGHf
gZMthTgTK379hi5Ht4dhDCVndsy4SqhvRJOdrBhk2A8KzzSaTGFoOfAQ/6y5uxQy
nhjzG0zi4a9uphSSdcXszp1RB6IAdqUDyLh14GbSexrXwYBt8QUzcSBs9kp9gyKy
VDW46XZrHssCDrrpbRj193KTuhXDG0/Kfn0F2vp2mrLOn4Lh7aM=
=D81U
-----END PGP SIGNATURE-----


Reply to: