libidn 1.28-1ubuntu2.1 source package in Ubuntu

Changelog

libidn (1.28-1ubuntu2.1) trusty-security; urgency=medium

  * SECURITY UPDATE: out-of-bounds read when reading one zero byte
    - debian/patches/CVE-2015-8948.patch: use getline instead of fgets with
      fixed-size buffer in gl/Makefile.am, gl/getdelim.c, gl/getline.c,
      gl/m4/getdelim.m4, gl/m4/getline.m4, gl/m4/gnulib-cache.m4,
      gl/m4/gnulib-comp.m4, gl/m4/realloc.m4, gl/realloc.c, gl/stdint.in.h,
      gl/stdlib.in.h, gltests/Makefile.am, gltests/test-getdelim.c,
      gltests/test-getline.c, src/idn.c.
    - debian/patches/CVE-2016-6262.patch: add extra check in src/idn.c.
    - CVE-2015-8948
    - CVE-2016-6262
  * SECURITY UPDATE: out-of-bounds stack read in idna_to_ascii_4i
    - debian/patches/CVE-2016-6261-1.patch: fix out of bounds read in
      lib/idna.c.
    - debian/patches/CVE-2016-6261-2.patch: fix memory leak in lib/idna.c.
    - debian/patches/CVE-2016-6261-3.patch: add test to tests/Makefile.am,
      tests/tst_toascii64oob.c.
    - CVE-2016-6261
  * SECURITY UPDATE: invalid UTF-8 DoS in stringprep_utf8_nfkc_normalize
    - debian/patches/CVE-2016-6263.patch: reject invalid UTF-8 in
      lib/nfkc.c, tests/Makefile.am, tests/tst_badutf8nfkc.c.
    - CVE-2016-6263
  * Fix FTBFS caused by docs regeneration
    - debian/patches/fix_gdoc.patch: fix gdoc script.
    - debian/control: added help2man and texinfo to Build-Depends.
  * debian/patches/fix_broken_test.patch: fix broken encoding in test.

 -- Marc Deslauriers <email address hidden>  Tue, 23 Aug 2016 13:36:58 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2016-08-23
Uploaded to:
Trusty
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
libidn_1.28.orig.tar.gz 3.3 MiB dd357a968449abc97c7e5fa088a4a384de57cb36564f9d4e0d898ecc6373abfb
libidn_1.28-1ubuntu2.1.debian.tar.gz 46.6 KiB 511a2cfd43a0f3717152434d6735ddcddc12c85914b0b40e5df83a27bc9f0271
libidn_1.28-1ubuntu2.1.dsc 2.2 KiB 7b111cff79738a91e3b553cd59f01e034a1800ad3d5eb7b157aeda249f360e27

View changes file

Binary packages built by this source

idn: Command line and Emacs interface to GNU Libidn

 GNU Libidn is a fully documented implementation of the Stringprep,
 Punycode and IDNA specifications. Libidn's purpose is to encode and
 decode internationalized domain names. The Nameprep, XMPP, SASLprep,
 and iSCSI profiles are supported.
 .
 This package contains the idn command-line tool and its Emacs lisp
 interface.

idn-dbgsym: debug symbols for package idn

 GNU Libidn is a fully documented implementation of the Stringprep,
 Punycode and IDNA specifications. Libidn's purpose is to encode and
 decode internationalized domain names. The Nameprep, XMPP, SASLprep,
 and iSCSI profiles are supported.
 .
 This package contains the idn command-line tool and its Emacs lisp
 interface.

libidn11: GNU Libidn library, implementation of IETF IDN specifications

 GNU Libidn is a fully documented implementation of the Stringprep,
 Punycode and IDNA specifications. Libidn's purpose is to encode and
 decode internationalized domain names. The Nameprep, XMPP, SASLprep,
 and iSCSI profiles are supported.
 .
 This package contains the shared library.

libidn11-dbgsym: debug symbols for package libidn11

 GNU Libidn is a fully documented implementation of the Stringprep,
 Punycode and IDNA specifications. Libidn's purpose is to encode and
 decode internationalized domain names. The Nameprep, XMPP, SASLprep,
 and iSCSI profiles are supported.
 .
 This package contains the shared library.

libidn11-dev: Development files for GNU Libidn, an IDN library

 GNU Libidn is a fully documented implementation of the Stringprep,
 Punycode and IDNA specifications. Libidn's purpose is to encode and
 decode internationalized domain names. The Nameprep, XMPP, SASLprep,
 and iSCSI profiles are supported.
 .
 This package contains the header files, static library, pkg-config
 information, API man pages, and the Libidn manual.

libidn11-java: Java port of the GNU Libidn library, an IDN implementation

 GNU Libidn is an implementation of the Stringprep, Punycode and IDNA
 specifications defined by the IETF Internationalized Domain Names
 (IDN) working group, used for internationalized domain names.
 Currently the Nameprep, Kerberos 5 and XMPP Stringprep profiles are
 supported.
 .
 This package contains the native Java port of the library.