On Wed, Jul 01, 2015 at 08:21:17PM +0000, Patrick Schleizer wrote: > Are you aware of this already? > > [SECURITY NOTICE] libidn with bad UTF8 input > > http://curl.haxx.se/mail/lib-2015-06/0143.html
Out of curiosity, is it related to https://security-tracker.debian.org/tracker/CVE-2015-2059 ? I find the answer to this ticket a bit concise. Indeed it can be considered as a non-important vulnerability on libidn but it seems to me that it can trigger several more important in reverse-depends (as it seems to be the case for curl). François. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
