Oval Definition:oval:org.opensuse.security:def:78413
Revision Date:2016-08-16Version:1
Title:Security update for libidn (Moderate)
Description:



This update for libidn fixes the following issues:

- CVE-2016-6262 and CVE-2015-8948: Out-of-bounds-read when reading one zero byte as input (bsc#990189)

- CVE-2016-6261: Out-of-bounds stack read in idna_to_ascii_4i (bsc#990190)

- CVE-2016-6263: stringprep_utf8_nfkc_normalize reject invalid UTF-8 (bsc#990191)

- CVE-2015-2059: out-of-bounds read with stringprep on invalid UTF-8 (bsc#923241)

Family:unixClass:patch
Status:Reference(s):923241
990189
990190
990191
CVE-2015-2059
CVE-2015-8948
CVE-2016-6261
CVE-2016-6262
CVE-2016-6263
SUSE-SU-2016:2079-1
Platform(s):SUSE Linux Enterprise Desktop 12 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • libidn11-1.28-4.1 is installed
  • OR libidn11-32bit-1.28-4.1 is installed
  • BACK