-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : libidn Version : 1.25-2+deb7u3 CVE ID : CVE-2017-14062 Debian Bug : #873903
It was discovered that there was an integer overflow vulnerability in libidn's Punycode handling (an encoding used to convert Unicode characters to ASCII) which would have allowed remote attackers to cause a denial of service. For Debian 7 "Wheezy", this issue has been fixed in libidn version 1.25-2+deb7u3. We recommend that you upgrade your libidn packages. Regards, - -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlmrJYkACgkQHpU+J9Qx Hli84RAAvTEYEXb3QOTLpizhFCNT9vGDw5VIj6rqUlYJ4GeeNbmW6mSkwlxUMNS/ BEcvRn72L08vNbzyqYuALksa2ix8qYkqoiABVmAPYlrgIm9lKPXMSumq7IHeLKEF uVdgBx6oBTQYlLKqycY398yZ1ORgtPhiqRUc8b1R1rvwBELKg5Y6HNTNWANA9ue0 qkXeM1SjHZjxDSer3bgDgjaVGBNbmZuL57/Ig4D0QS14LUf2a0dri76iZSepgyK5 QU96dk+ZybGOzSA7x+ClnsRZq7sXOx+3isirbBAD6LwxIYg/xBmD5JE3Aebe2vrB igfxwq8XE+44iKiwMK6p0M3nmZPo7uXvv/xCwr2/+nWw2hoSXCxnel1Nt4pAnL7p UWpfT1RGkWZ4ucV6qMLjHZxnR+eagMWV2cvgMPJqRdTj5pstOvAF/Gtsf/pZ7BXZ 7uttHoh/Z5FgeEoH4a9Dtta0R+USRcfjxbB25godL3ixSUtF9OdMdpvIip/gAxtn rWr5xl1NvD60Rk2scICtcCD9SaVsblL2jG3KMWXd4Kf8+0IPSPFgtOq1QRE3Qxl8 rOpn0KxPIyi8P3xVL3Lvza49lglkChk3O065qXNzD7Gg78idjEv/8eAPJAWuOfg9 nLNEa8INePUNDJ/4QcXCiusOo+G4sp8+e4SRmbGK1kHVWdCK0NY= =O+Y8 -----END PGP SIGNATURE-----