Format: 1.8 Date: Mon, 22 Aug 2016 14:13:11 -0400 Source: libidn Binary: idn libidn11-dev libidn11 libidn11-java Architecture: armhf armhf_translations Version: 1.32-3ubuntu1.1 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: idn - Command line and Emacs interface to GNU Libidn libidn11 - GNU Libidn library, implementation of IETF IDN specifications libidn11-dev - Development files for GNU Libidn, an IDN library libidn11-java - Java port of the GNU Libidn library, an IDN implementation Changes: libidn (1.32-3ubuntu1.1) xenial-security; urgency=medium . * SECURITY UPDATE: out-of-bounds read when reading one zero byte - debian/patches/CVE-2015-8948.patch: use getline instead of fgets with fixed-size buffer in gl/Makefile.am, gl/getdelim.c, gl/getline.c, gl/m4/getdelim.m4, gl/m4/getline.m4, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4, gl/m4/realloc.m4, gl/realloc.c, gl/stdint.in.h, gl/stdlib.in.h, gltests/Makefile.am, gltests/test-getdelim.c, gltests/test-getline.c, src/idn.c. - debian/patches/CVE-2016-6262.patch: add extra check in src/idn.c. - CVE-2015-8948 - CVE-2016-6262 * SECURITY UPDATE: out-of-bounds stack read in idna_to_ascii_4i - debian/patches/CVE-2016-6261-1.patch: fix out of bounds read in lib/idna.c. - debian/patches/CVE-2016-6261-2.patch: fix memory leak in lib/idna.c. - debian/patches/CVE-2016-6261-3.patch: add test to tests/Makefile.am, tests/tst_toascii64oob.c. - CVE-2016-6261 * SECURITY UPDATE: invalid UTF-8 DoS in stringprep_utf8_nfkc_normalize - debian/patches/CVE-2016-6263.patch: reject invalid UTF-8 in lib/nfkc.c, tests/Makefile.am, tests/tst_badutf8nfkc.c. - CVE-2016-6263 * Fix FTBFS caused by docs regeneration - debian/patches/fix_gdoc_path.patch: fix path to gdoc location. - debian/control: added help2man and texinfo to Build-Depends. Checksums-Sha1: f814062b4a12c7180e098eab94db5dd5f9974b17 18434 idn-dbgsym_1.32-3ubuntu1.1_armhf.ddeb 004b3c82350aa5e7f6fb47477bc0b73d3b04485e 74422 idn_1.32-3ubuntu1.1_armhf.deb 255e5260cacdd239ae4cdb2384b2bc2d1869fa77 35320 libidn11-dbgsym_1.32-3ubuntu1.1_armhf.ddeb b77e063c1d7959b06e4443a66c2a20b8aeee7fda 515500 libidn11-dev_1.32-3ubuntu1.1_armhf.deb 806a3cde91c43af70783d7d2cc7724617a99fcf1 42740 libidn11_1.32-3ubuntu1.1_armhf.deb edabeb5b1725e67695411e3f66a3c6eb904fc200 36156 libidn_1.32-3ubuntu1.1_armhf_translations.tar.gz Checksums-Sha256: 9500d8f7b3f38f303c21d26799c500a14ca03b6c155140e86d2ba9d10879e6d2 18434 idn-dbgsym_1.32-3ubuntu1.1_armhf.ddeb aab249ce234a44213a095f4e13bfbfd9310a7e28fb891a475aecf0b6f893eff2 74422 idn_1.32-3ubuntu1.1_armhf.deb c3059359e31983992c1cc053327d3fc1c24830ac07cbc1b4ade6a803b650a2a0 35320 libidn11-dbgsym_1.32-3ubuntu1.1_armhf.ddeb ebc121cbbd7bb001891aaebbcb243b5db072fd4b87276ec3ed5ca389160e7794 515500 libidn11-dev_1.32-3ubuntu1.1_armhf.deb d5f04622e11f4d8ff2ab35da27773ad19734953f66fabfa5a2cbb692bc2872ae 42740 libidn11_1.32-3ubuntu1.1_armhf.deb 1d70a3212309a4586affd074e3bf313201c25dd21f40b9f4fe0329f94787d06f 36156 libidn_1.32-3ubuntu1.1_armhf_translations.tar.gz Files: f507914d1445e227ef2d2c0284e0fa79 18434 misc extra idn-dbgsym_1.32-3ubuntu1.1_armhf.ddeb f2eb64a8e8d28d10cd5bb5290ccf3f4c 74422 misc optional idn_1.32-3ubuntu1.1_armhf.deb a92e2502c1c2541a84fc46695148d81e 35320 libs extra libidn11-dbgsym_1.32-3ubuntu1.1_armhf.ddeb c9c24cf57e4bdde20b10893ce25759e7 515500 libdevel optional libidn11-dev_1.32-3ubuntu1.1_armhf.deb 089a8bf2fd7b1d6b8ca36b5ce4fb31a5 42740 libs standard libidn11_1.32-3ubuntu1.1_armhf.deb 669449d050bbcb465e05a8712d5d9f83 36156 raw-translations - libidn_1.32-3ubuntu1.1_armhf_translations.tar.gz Original-Maintainer: Debian Libidn Team