[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DSA 5063-1] uriparser security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5063-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
January 26, 2022                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : uriparser
CVE ID         : CVE-2021-46141 CVE-2021-46142

Two vulnerabilities were discovered in uriparser, a library that parses
Uniform Resource Identifiers (URIs), which may result in denial of
service or potentially in the the execution of arbitrary code.

For the oldstable distribution (buster), these problems have been fixed
in version 0.9.1-1+deb10u1.

For the stable distribution (bullseye), these problems have been fixed in
version 0.9.4+dfsg-1+deb11u1.

We recommend that you upgrade your uriparser packages.

For the detailed security status of uriparser please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/uriparser

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmHxpfRfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0SO6w//Sczq6tmtTS6n2CZBBlwi4LJhBmQT2EvqYO1++pJuIHcoQSbTpBAAUXiV
fkpvX2XY/Ib53tHe3OpLcjjDokCQPTVRaZ4gHDn1t+UmgWPWZpcM86eoTpfGOhSu
gzsOP/Bnc56oFh4B/CpPWDj6qbDEFzgQvbxDdP+Ib7aKghvwQrYv3fiCj972+Sn8
/aBYNnyNDNW74shyUOXK4RysI14PdKkgPgiwakZSFDP/DxOf5n009SpJjFVuVooY
FkgmG5yFCuFryA4F0c7zfTGXa40WrBJljSQB8BH9NQygtzR6TA3Qdpk1Jt2wZ8y7
D7Nt9713pwjcI2lo5LGmGrV3wrqwN6PEqFuG9yt5wefo8LNb3VOafYFO+m7YWjEl
LjGkqDAGl33vq2S2ViMKCfpcSN3DgNL3JRGDVHTOruq7/iOVtuwomKwjKJPR/P6j
0Fjh3WlQLv6Xh1KdNn8eQGrwq04oPlfttD4SCVQx0OYtSA5Y437AvrGXn/ayGI8q
VFDd1Q/APP4brnPzoGQ6VBoYIPwNMk3J9Y7cJbBlqzDXORZwP1HmDrtIFjdEZbMe
utQ366atPq9Tck5/DoQi6D0pTmwgaDKgOUqSqQmGUS/D0dDO3ut47JwMD0Ve6FEj
wYShpzIEpRCspAyxSAfJZL46n49GkP/jnYonB/i7CIqMam1uPD0=
=H/LD
-----END PGP SIGNATURE-----


Reply to: