[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Bug#873902: libidn2-0: CVE-2017-14062: integer overflow in decode_digit
|
From: |
Salvatore Bonaccorso |
|
Subject: |
Bug#873902: libidn2-0: CVE-2017-14062: integer overflow in decode_digit |
|
Date: |
Fri, 01 Sep 2017 06:52:53 +0200 |
Source: libidn2-0
Version: 0.10-2
Severity: important
Tags: upstream security patch
Hi,
the following vulnerability was published for libidn2-0.
CVE-2017-14062[0]:
| Integer overflow in the decode_digit function in puny_decode.c in
| Libidn2 before 2.0.4 allows remote attackers to cause a denial of
| service or possibly have unspecified other impact.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2017-14062
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14062
[1]
https://gitlab.com/libidn/libidn2/commit/3284eb342cd0ed1a18786e3fcdf0cdd7e76676bd
Regards,
Salvatore
- Bug#873902: libidn2-0: CVE-2017-14062: integer overflow in decode_digit,
Salvatore Bonaccorso <=
- Bug#873902: libidn2-0: CVE-2017-14062: integer overflow in decode_digit, Salvatore Bonaccorso, 2017/09/01
- Bug#873903: libidn2-0: CVE-2017-14062: integer overflow in decode_digit, Tim Rühsen, 2017/09/01
- Bug#873903: Wheezy update of libidn?, Raphael Hertzog, 2017/09/01
- Bug#873902: Wheezy update of libidn2-0?, Raphael Hertzog, 2017/09/01
- Bug#873902: marked as done (libidn2-0: CVE-2017-14062: integer overflow in decode_digit), Debian Bug Tracking System, 2017/09/12
- Bug#873903: marked as done (libidn: CVE-2017-14062: integer overflow in decode_digit), Debian Bug Tracking System, 2017/09/12