==========================================================================
Ubuntu Security Notice USN-3434-2
October 23, 2017
libidn vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 12.04 ESM
Summary:
Libidn could be made to crash or run programs if it processed specially
crafted input.
Software Description:
– libidn: implementation of IETF IDN specifications
Details:
USN-3434-1 fixed a vulnerability in Libidn. This update
provides the corresponding update for Ubuntu 12.04 ESM.
Original advisory details:
It was discovered that Libidn incorrectly handled decoding certain
digits. A remote attacker could use this issue to cause Libidn to
crash, resulting in a denial of service, or possibly execute arbitrary
code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 ESM:
libidn11 1.23-2ubuntu0.2
In general, a standard system update will make all the necessary
changes.
References:
https://www.ubuntu.com/usn/usn-3434-2
https://www.ubuntu.com/usn/usn-3434-1
CVE-2017-14062
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2
iQIcBAABCAAGBQJZ7lVHAAoJEEW851uECx9pIRwQAJ67yrFaer5+s1dGMlE65g0E
nmCPdaWoQPnQPhKjpeu3tXxe1jIz1t9FK/rOddb+Sm8+cvKlZtT5R58vUCLMf2cl
KvE8Ix9GM8SaigklnGxUKg1KY6OF6+p254A7madlRZvRheHeXctMaZhr3CFM7yU6
CdMqB2SabzckKu9efmpqafF44wzY3yMtp7hDIHhHhSmHfzqcBMDRITvdjULqvEE2
qaw5nNOsKwtB9ff4iveH3sWGAX8cfAqNX7JTuyfYY6+ldGhXU+TI+DXR9+hyU+ar
kho0yL0aZrbvMccVALJvFpII/C28uuzlXWS2gPFvY4LvlB0Sox2+ZXP6Fuu0adOl
vp8AzVQ3N4gJa02haAV/HlW89qKdNHPSJnQU+zPzU/xUTujsSJfvMU5rO+RaCncw
VpGafH5ysVmE3hRr8vGYowQ9AcVc2qu1uOaHX9t348suM1TJpuegp9sDrsZmeHAd
L2wCvdZ1Q6cmpBjR6dINQnkj8f0KXOl+MzlcOPwRFuWHAvJPfghg8zmBsUcDvFR6
cfj7z499uMTNjBYydfVwVWIYsQ+nhUV9MsR4BkE/PVfDXMSEQLeH5Ao5x6a5hiVU
YAo6jGrQy2yhUI5VHZt0o4XBhcLAvt57LQMi1qvqMSDB5Y879cUyFmNqk8tPfPD+
aH1rzPLvdCoXTeimBhrU
=cYwi
—–END PGP SIGNATURE—–
—