[ubuntu/bionic-updates] libidn2 2.0.4-1.1ubuntu0.2 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Tue Oct 29 13:28:09 UTC 2019

libidn2 (2.0.4-1.1ubuntu0.2) bionic-security; urgency=medium

  * SECURITY UPDATE: Heap-based buffer overflow
    - debian/patches/CVE-2019-18224.patch: Restrict output length to 63
      in lib/lookup.c.
    - CVE-2019-18224
  * SECURITY UPDATE: Domain impersonate
    - debian/patches/CVE-2019-12290.patch: Perform A-Label roundtrip for
      lookup functions by default in lib/error.c, lib/idn2.h.in,
      lib/lookup.c, src/blurbs.h, src/idn2.c, src/idn2.ggo.
    - CVE-2019-12290

Date: 2019-10-28 18:13:13.286566+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Bionic-changes mailing list