[arch-security] [ASA-201607-14] libidn: denial of service
rgacogne at archlinux.org
Sat Jul 30 15:55:51 UTC 2016
Arch Linux Security Advisory ASA-201607-14
Date : 2016-07-30
CVE-ID : CVE-2015-8948 CVE-2016-6261 CVE-2016-6262 CVE-2016-6263
Package : libidn
Type : denial of service
Remote : No
Link : https://wiki.archlinux.org/index.php/CVE
The package libidn before version 1.33-1 is vulnerable to denial of service.
Upgrade to 1.33-1.
# pacman -Syu "libidn>=1.33-1"
The problems have been fixed upstream in version 1.33.
- CVE-2015-8948 (denial of service)
Fix an out-of-bounds read when the input consists of a single zero byte.
The fgets-based line reader was also replaced with getline. Reported by
Hanno Boeck.
- CVE-2016-6261 (denial of service)
Fix an out-of-bounds stack read in idna_to_ascii_4i. Reported by Hanno Boeck.
- CVE-2016-6262 (denial of service)
Complete the fix for inputs containing \00 (NUL) bytes. The earlier fix
for CVE-2015-8948 was incomplete.
- CVE-2016-6263 (denial of service)
stringprep_utf8_nfkc_normalize now rejects invalid UTF-8. The function was
always documented to accept only valid UTF-8, but it no longer crashes when
presented with invalid input. Reported by Hanno Boeck.
By supplying specially crafted input, a local attacker can crash the idn
program or an application that uses libidn, leading to denial of service.