MGASA-2016-0269
- Source
- https://advisories.mageia.org/MGASA-2016-0269.html
- Import Source
- https://advisories.mageia.org/MGASA-2016-0269.json
- JSON Data
- https://api.osv.dev/v1/vulns/MGASA-2016-0269
- Related
- Published
- 2016-07-26T22:11:11Z
- Modified
- 2016-07-26T22:05:24Z
- Summary
- Updated libidn packages fix security vulnerability
- Details
-
Out-of-bounds stack read in libidn before 1.33 in idnatoascii_4i (CVE-2016-6261).
Out-of-bounds-read in libidn when reading one zero byte as input (CVE-2015-8948, CVE-2016-6262).
In libidn before 1.33, stringpreputf8nfkc_normalize would crash when presented with invalid UTF-8 (CVE-2016-6263).
- References
-
- https://advisories.mageia.org/MGASA-2016-0269.html
- https://bugs.mageia.org/show_bug.cgi?id=19011
- https://lists.gnu.org/archive/html/help-libidn/2016-07/msg00009.html
- http://openwall.com/lists/oss-security/2016/07/21/4
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/EQDCSQNM5LICMOIEU5H63QDQ4Z436KC5/
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:5 / libidn
Package
- Name
- libidn
- Purl
- pkg:rpm/mageia/libidn?distro=mageia-5