-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : libidn Version : 1.25-2+deb7u1 CVE ID : CVE-2015-2059
It was discovered that libidn, the GNU library for Internationalized Domain Names (IDNs), did not correctly handle invalid UTF-8 input, causing an out-of-bounds read. This could allow attackers to disclose sensitive information from an application using the libidn library. For Debian 7 "Wheezy", these problems have been fixed in version 1.25-2+deb7u1. We recommend that you upgrade your libidn packages. - -- Brian May <[email protected]> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJXO56MAAoJEBeEV3+BH26so3YP/Rnt/2ofEmBo9Xx25fpLzd6u 1B8ljeTr9FCtWg3a+fs3Rcklh6xTSgT/ra3i5bjWiGwYKYDV3HdjBo/ZyBm0tQMN pGeIdzgsGDBkhsytZlQkMr+Ia5MBj3RWkEAYpARpi6IkUFB8OD0S2AUmM1htxtWR +udjiKroMG4rsmSstVfOYKZh9rhjdZyQTAIW+PCjZ94LJGEUfe1BMvakFBkYFFB2 yaOUtFrnUlAaxCBs/4A2EoQ4hvWfDr6LNFSbiJIlZ5yTmz2145YrXJAQVGQ0qghM YdYY4a4VeAJ9H9rKspp0UZm1bmWmAYBt6KFz+Jh1HSYhoRzWenQgTQIYiOGAANAB fcGTCL7Tl/zuePJ03EhMwh8HXaY4WqI5n2PMYMPAD57gwQr8LRiblskyOIEPajvt R56hgfo8txHc006W3RGuLi+ovdUDk+u5bE88LFA/yvPlUaIoatHaYx21Boo19/PZ QjZ6cdlGr50+hrX/In3qbEPcZCPaeYg9mfLZbOQwX1Q5ulCLDpsWk5KqSBVKFbT9 0/aPHWdyJ7rH6cmLfS6NSDG3XCElRI8olOz9SZD3huczsUgvhkG+spZQtYEV5nxv MHKtcjs/1qWDwDcorDWjaiMq9UHn+BaxXdvspiEjY4z4FdGo/4vD+SZiEzKdyIuP sWS/hH/zguN3sFS+4TYm =c5bO -----END PGP SIGNATURE-----
