[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Bug#873902: libidn2-0: CVE-2017-14062: integer overflow in decode_digit
|
From: |
Salvatore Bonaccorso |
|
Subject: |
Bug#873902: libidn2-0: CVE-2017-14062: integer overflow in decode_digit |
|
Date: |
Fri, 1 Sep 2017 07:03:19 +0200 |
|
User-agent: |
NeoMutt/20170113 (1.7.2) |
Hi libidn team,
On Fri, Sep 01, 2017 at 06:52:53AM +0200, Salvatore Bonaccorso wrote:
> CVE-2017-14062[0]:
> | Integer overflow in the decode_digit function in puny_decode.c in
> | Libidn2 before 2.0.4 allows remote attackers to cause a denial of
> | service or possibly have unspecified other impact.
Unless mistaken I think this goes back to all libidn2-0 versions to
jessie and affects as well src:libidn. I cloned the bug and
reassigned, but let me please know if I oversee something.
Regards,
Salvatore
- Bug#873902: libidn2-0: CVE-2017-14062: integer overflow in decode_digit, Salvatore Bonaccorso, 2017/09/01
- Bug#873902: libidn2-0: CVE-2017-14062: integer overflow in decode_digit,
Salvatore Bonaccorso <=
- Bug#873903: libidn2-0: CVE-2017-14062: integer overflow in decode_digit, Tim Rühsen, 2017/09/01
- Bug#873903: Wheezy update of libidn?, Raphael Hertzog, 2017/09/01
- Bug#873902: Wheezy update of libidn2-0?, Raphael Hertzog, 2017/09/01
- Bug#873902: marked as done (libidn2-0: CVE-2017-14062: integer overflow in decode_digit), Debian Bug Tracking System, 2017/09/12
- Bug#873903: marked as done (libidn: CVE-2017-14062: integer overflow in decode_digit), Debian Bug Tracking System, 2017/09/12