Source: libidn2-0 Version: 2.0.2-3 Severity: important Tags: upstream security patch
Hi, the following vulnerability was published for libidn2-0, please double-check. CVE-2017-14061[0]: | Integer overflow in the _isBidi function in bidi.c in Libidn2 before | 2.0.4 allows remote attackers to cause a denial of service or possibly | have unspecified other impact. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-14061 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14061 [1] https://gitlab.com/libidn/libidn2/commit/16853b6973a1e72fee2b7cccda85472cb9951305 Please adjust the affected versions in the BTS as needed, not sure about older versions than the one in testing/unstable. Regards, Salvatore _______________________________________________ Secure-testing-team mailing list Secure-testing-team@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
