[SECURITY] [DLA 476-1] libidn security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Package : libidn
Version : 1.25-2+deb7u1
CVE ID : CVE-2015-2059
It was discovered that libidn, the GNU library for Internationalized
Domain Names (IDNs), did not correctly handle invalid UTF-8 input,
causing an out-of-bounds read. This could allow attackers to disclose
sensitive information from an application using the libidn library.
For Debian 7 "Wheezy", these problems have been fixed in version
1.25-2+deb7u1.
We recommend that you upgrade your libidn packages.
- --
Brian May <bam@debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJXO56MAAoJEBeEV3+BH26so3YP/Rnt/2ofEmBo9Xx25fpLzd6u
1B8ljeTr9FCtWg3a+fs3Rcklh6xTSgT/ra3i5bjWiGwYKYDV3HdjBo/ZyBm0tQMN
pGeIdzgsGDBkhsytZlQkMr+Ia5MBj3RWkEAYpARpi6IkUFB8OD0S2AUmM1htxtWR
+udjiKroMG4rsmSstVfOYKZh9rhjdZyQTAIW+PCjZ94LJGEUfe1BMvakFBkYFFB2
yaOUtFrnUlAaxCBs/4A2EoQ4hvWfDr6LNFSbiJIlZ5yTmz2145YrXJAQVGQ0qghM
YdYY4a4VeAJ9H9rKspp0UZm1bmWmAYBt6KFz+Jh1HSYhoRzWenQgTQIYiOGAANAB
fcGTCL7Tl/zuePJ03EhMwh8HXaY4WqI5n2PMYMPAD57gwQr8LRiblskyOIEPajvt
R56hgfo8txHc006W3RGuLi+ovdUDk+u5bE88LFA/yvPlUaIoatHaYx21Boo19/PZ
QjZ6cdlGr50+hrX/In3qbEPcZCPaeYg9mfLZbOQwX1Q5ulCLDpsWk5KqSBVKFbT9
0/aPHWdyJ7rH6cmLfS6NSDG3XCElRI8olOz9SZD3huczsUgvhkG+spZQtYEV5nxv
MHKtcjs/1qWDwDcorDWjaiMq9UHn+BaxXdvspiEjY4z4FdGo/4vD+SZiEzKdyIuP
sWS/hH/zguN3sFS+4TYm
=c5bO
-----END PGP SIGNATURE-----
Reply to: