Format: 1.8
Date: Tue, 23 Aug 2016 14:32:46 -0400
Source: libidn
Binary: idn libidn11-dev libidn11 libidn11-java
Architecture: amd64 amd64_translations
Version: 1.23-2ubuntu0.1
Distribution: precise
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lcy01-03.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 idn        - Command line and Emacs interface to GNU Libidn
 libidn11   - GNU Libidn library, implementation of IETF IDN specifications
 libidn11-dev - Development files for GNU Libidn, an IDN library
 libidn11-java - Java port of the GNU Libidn library, an IDN implementation
Changes: 
 libidn (1.23-2ubuntu0.1) precise-security; urgency=medium
 .
   * SECURITY UPDATE: out-of-bounds read when reading one zero byte
     - debian/patches/CVE-2015-8948.patch: use getline instead of fgets with
       fixed-size buffer in gl/Makefile.am, gl/getdelim.c, gl/getline.c,
       gl/m4/getdelim.m4, gl/m4/getline.m4, gl/m4/gnulib-cache.m4,
       gl/m4/gnulib-comp.m4, gl/m4/realloc.m4, gl/realloc.c, gl/stdint.in.h,
       gl/stdlib.in.h, gltests/Makefile.am, gltests/test-getdelim.c,
       gltests/test-getline.c, src/idn.c.
     - debian/patches/CVE-2016-6262.patch: add extra check in src/idn.c.
     - CVE-2015-8948
     - CVE-2016-6262
   * SECURITY UPDATE: out-of-bounds stack read in idna_to_ascii_4i
     - debian/patches/CVE-2016-6261-1.patch: fix out of bounds read in
       lib/idna.c.
     - debian/patches/CVE-2016-6261-2.patch: fix memory leak in lib/idna.c.
     - debian/patches/CVE-2016-6261-3.patch: add test to tests/Makefile.am,
       tests/tst_toascii64oob.c.
     - CVE-2016-6261
   * SECURITY UPDATE: invalid UTF-8 DoS in stringprep_utf8_nfkc_normalize
     - debian/patches/CVE-2016-6263.patch: reject invalid UTF-8 in
       lib/nfkc.c, tests/Makefile.am, tests/tst_badutf8nfkc.c.
     - CVE-2016-6263
   * debian/rules: build with dh-autoreconf.
   * debian/control: added dh-autoreconf and autopoint to Build-Depends.
   * debian/patches/fix_broken_test.patch: fix broken encoding in test.
Checksums-Sha1: 
 d268017493508a809c27b256b4b4dad898372cf6 20552 idn_1.23-2ubuntu0.1_amd64.deb
 05f15b7c9994e62eca7b365071c2324368486cf7 635494 libidn11-dev_1.23-2ubuntu0.1_amd64.deb
 4da14342f4e7d4d5dd35d74c7ab398e11183eb61 112420 libidn11_1.23-2ubuntu0.1_amd64.deb
 f7f4ff813a2b86b3035b891c63f3d7be1ed8fa70 14716 idn-dbgsym_1.23-2ubuntu0.1_amd64.ddeb
 7ed1707a66c149f6d45420ec6da7f8ef2d9eb7ce 31606 libidn11-dbgsym_1.23-2ubuntu0.1_amd64.ddeb
 1622360f926c6b8809f6298d8f133f0a9089bb10 30485 libidn_1.23-2ubuntu0.1_amd64_translations.tar.gz
Checksums-Sha256: 
 aecbe38764dacd196c77d9aa4e9fe290cb201b18ee64722fdb061013308b6352 20552 idn_1.23-2ubuntu0.1_amd64.deb
 77042275c6f2e4dcae2c8f30d3b02ac224e1e4bc8062915869dc409db2132b01 635494 libidn11-dev_1.23-2ubuntu0.1_amd64.deb
 d311131b368ff653e392f0d6fbe1b11111c550d591dea1181551d0beb0e96c18 112420 libidn11_1.23-2ubuntu0.1_amd64.deb
 417edac22a7ea03417e974b6a7eb16fa4d2f135a51ef055db078768b144ebe0b 14716 idn-dbgsym_1.23-2ubuntu0.1_amd64.ddeb
 ce38ba1283d7121a4719163c1ce03ef6ec13244c5b1722a3189a2e4ae1e63d91 31606 libidn11-dbgsym_1.23-2ubuntu0.1_amd64.ddeb
 a4465d08af2e159cae041ac27e977097ade3fd05b04f5a8d24c1884f9a2533bd 30485 libidn_1.23-2ubuntu0.1_amd64_translations.tar.gz
Files: 
 b75e43f9457be9cbed871c1358a61b53 20552 misc optional idn_1.23-2ubuntu0.1_amd64.deb
 763e063aa88d370c0e2eacc6be5be250 635494 libdevel optional libidn11-dev_1.23-2ubuntu0.1_amd64.deb
 064c6ed5b9c93e10682fbff89903485a 112420 libs standard libidn11_1.23-2ubuntu0.1_amd64.deb
 0e098c0698829d8b9bb76bf9fee4405c 14716 misc extra idn-dbgsym_1.23-2ubuntu0.1_amd64.ddeb
 89454bc58167f52ec79983dfc03cfc0c 31606 libs extra libidn11-dbgsym_1.23-2ubuntu0.1_amd64.ddeb
 ffbed190af3c5ecd2fbb1dc14fad76d1 30485 raw-translations - libidn_1.23-2ubuntu0.1_amd64_translations.tar.gz
Original-Maintainer: Debian Libidn Team <help-libidn@gnu.org>