You are here
Home > Preporuke > Sigurnosni nedostatak programske biblioteke libidn

Sigurnosni nedostatak programske biblioteke libidn

==========================================================================
Ubuntu Security Notice USN-3434-2
October 23, 2017

libidn vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 12.04 ESM

Summary:

Libidn could be made to crash or run programs if it processed specially
crafted input.

Software Description:
– libidn: implementation of IETF IDN specifications

Details:

USN-3434-1 fixed a vulnerability in  Libidn. This update
provides the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

 It was discovered that Libidn incorrectly handled decoding certain
 digits. A remote attacker could use this issue to cause Libidn to
 crash, resulting in a denial of service, or possibly execute arbitrary
 code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
  libidn11                        1.23-2ubuntu0.2

In general, a standard system update will make all the necessary
changes.

References:
  https://www.ubuntu.com/usn/usn-3434-2
  https://www.ubuntu.com/usn/usn-3434-1
  CVE-2017-14062
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAABCAAGBQJZ7lVHAAoJEEW851uECx9pIRwQAJ67yrFaer5+s1dGMlE65g0E
nmCPdaWoQPnQPhKjpeu3tXxe1jIz1t9FK/rOddb+Sm8+cvKlZtT5R58vUCLMf2cl
KvE8Ix9GM8SaigklnGxUKg1KY6OF6+p254A7madlRZvRheHeXctMaZhr3CFM7yU6
CdMqB2SabzckKu9efmpqafF44wzY3yMtp7hDIHhHhSmHfzqcBMDRITvdjULqvEE2
qaw5nNOsKwtB9ff4iveH3sWGAX8cfAqNX7JTuyfYY6+ldGhXU+TI+DXR9+hyU+ar
kho0yL0aZrbvMccVALJvFpII/C28uuzlXWS2gPFvY4LvlB0Sox2+ZXP6Fuu0adOl
vp8AzVQ3N4gJa02haAV/HlW89qKdNHPSJnQU+zPzU/xUTujsSJfvMU5rO+RaCncw
VpGafH5ysVmE3hRr8vGYowQ9AcVc2qu1uOaHX9t348suM1TJpuegp9sDrsZmeHAd
L2wCvdZ1Q6cmpBjR6dINQnkj8f0KXOl+MzlcOPwRFuWHAvJPfghg8zmBsUcDvFR6
cfj7z499uMTNjBYydfVwVWIYsQ+nhUV9MsR4BkE/PVfDXMSEQLeH5Ao5x6a5hiVU
YAo6jGrQy2yhUI5VHZt0o4XBhcLAvt57LQMi1qvqMSDB5Y879cUyFmNqk8tPfPD+
aH1rzPLvdCoXTeimBhrU
=cYwi
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostaci programskih paketa mysql-5.5 i mysql-5.7

Otkriveni su sigurnosni nedostaci u programskim paketima mysql-5.5 i mysql-5.7 za operacijski sustav Ubuntu 14.04 LTS, 16.04 LTS, 17.04 i...

Close