-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 29 Aug 2016 20:48:49 +0200 Source: libidn Binary: idn libidn11-dev libidn11 libidn11-java Architecture: all source Version: 1.29-1+deb8u2 Distribution: jessie-security Urgency: high Maintainer: Debian Libidn Team <help-libidn@gnu.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Description: idn - Command line and Emacs interface to GNU Libidn libidn11 - GNU Libidn library, implementation of IETF IDN specifications libidn11-dev - Development files for GNU Libidn, an IDN library libidn11-java - Java port of the GNU Libidn library, an IDN implementation Changes: libidn (1.29-1+deb8u2) jessie-security; urgency=high . * Non-maintainer upload by the Security Team. * CVE-2015-8948: Out-of-bounds read due to use of fgets with fixed-size buffer * Add help2man to Build-Depends to fix FTBFS due to doc regeneration * CVE-2016-6261: Out-of-bounds stack read in idna_to_ascii_4i * CVE-2016-6263: Crash when given invalid UTF-8 data on input Checksums-Sha1: 5569466c9e46bd21f377dce8c7dc89c26fd44a3d 2177 libidn_1.29-1+deb8u2.dsc f4d5af898978e4e910bf802f61f0cbb4a048f866 70728 libidn_1.29-1+deb8u2.debian.tar.xz 7a143d5e1127e9eb7b9ac2b81bee4de922111f85 218314 libidn11-java_1.29-1+deb8u2_all.deb Checksums-Sha256: 8346d3ad4ea48159c1008a7482685c7abfb0e3bcdc4bbda937b6a1774df1798f 2177 libidn_1.29-1+deb8u2.dsc 5f3be629b7185609bb2aed149f568a014524f69dec1368a4455a4eb0972a61d9 70728 libidn_1.29-1+deb8u2.debian.tar.xz 4831e0a93ee5a1ba138e5da6a3edb1b3f886b1287e748b169df707a45b75efb8 218314 libidn11-java_1.29-1+deb8u2_all.deb Files: a403cc5aaff9919bb614a20552dd585f 2177 libs optional libidn_1.29-1+deb8u2.dsc 6317e04faf70ee72cd5fc7702441539d 70728 libs optional libidn_1.29-1+deb8u2.debian.tar.xz d3c9f3cc205a9ca56372baa224ff3863 218314 java optional libidn11-java_1.29-1+deb8u2_all.deb -----BEGIN PGP SIGNATURE----- iQIvBAEBCgAZBQJXxshcEhxjYXJuaWxAZGViaWFuLm9yZwAKCRAFTLjzE0PPRIdd D/99M711T5dLlK1oQ30nY7pK47IER/vYinB5SlfC13ARDGi9RbRAytJlbC2HuXJO qU72YestzsIj9j0VsCCzV4yYVUUSryHzSAAGYGdx6Fx6dspipd50CokuiRzeGlif ewCRcPNUJvHufiBiRdRkEljs9meG18E78U2DxnDplCgzXkgYzzYXalS6pVUlEd0u u+xFNufVvDAHZnSfiSZkd0t2qza0wKfLoj6BUSUKV7Ybni0RFWfz3QcZcB0liRzn GD9Q5kDTB7rUr0oTg6G3zy/FX6NUOImh18dN88DClO7Gs3ba7gCLWsDlDsVHELMA 4EjFRwIyP3FPFyMLs57PKtcFcIgul7RR7mPMy/qjbOX3VjllklMqItdi/BvSWtiE krsZoRKSl0P9cGKm7txRHchAvMiUoerF+vcfp1PuwRc65g8AQXUbOjdNgtx00lD8 Zri8H57HeWVihYMBzBFBjxdwIrWfbhA+8yWUyFV2Fk3AElQ2l5dvM3Ws5VL19k/i dr2D84eVWMxsViWwqoqIWvO/l3A3YuIfOkNGtEzrsGp1vjNEJJfoGkuAbwvnCUK3 VBf9sQExYSagEaq+9Ww/NYR8Yz+3SYGEfIUjYA4zPRFSLLUmogPvCwwUrFr6oRAy eWCiFNyc6HAFYuElOc8jCl+s20JY187stn2d90Ec6jwMyQ== =FMN3 -----END PGP SIGNATURE-----