Advisories ยป MGASA-2015-0349

Updated libidn packages fix CVE-2015-2059

Publication date: 08 Sep 2015
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-2059

Description

Updated libidn packages fix security vulnerability:

In libidn before 1.31, stringprep_utf8_to_ucs4 did not validate that the input
UTF-8 string was actually valid UTF-8, which could lead to out-of-bounds
reads (CVE-2015-2059).
                

References

SRPMS

5/core