[Bug 1056450] New: VUL-0: libidn2: integer overflow in puny_decode.c/decode_digit()
http://bugzilla.suse.com/show_bug.cgi?id=1056450 Bug ID: 1056450 Summary: VUL-0: libidn2: integer overflow in puny_decode.c/decode_digit() Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.3 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: tchvatal@suse.com Reporter: astieger@suse.com QA Contact: security-team@suse.de Found By: Security Response Team Blocker: --- https://lists.gnu.org/archive/html/info-gnu/2017-08/msg00013.html Integer overflow fixed in libidn2 2.0.4: ** Fix integer overflow in puny_decode.c/decode_digit() http://git.savannah.gnu.org/cgit/libidn/libidn2.git/commit/?h=libidn2-2.0.4&id=3284eb342cd0ed1a18786e3fcdf0cdd7e76676bd -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1056450 http://bugzilla.suse.com/show_bug.cgi?id=1056450#c1 --- Comment #1 from Bernhard Wiedemann <bwiedemann@suse.com> --- This is an autogenerated message for OBS integration: This bug (1056450) was mentioned in https://build.opensuse.org/request/show/519719 42.3 / libidn2 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1056450 Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P3 - Medium -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1056450 Andreas Stieger <astieger@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |IN_PROGRESS CC| |tchvatal@suse.com Assignee|tchvatal@suse.com |security-team@suse.de -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1056450 http://bugzilla.suse.com/show_bug.cgi?id=1056450#c2 --- Comment #2 from Marcus Meissner <meissner@suse.com> --- cve requested -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1056450 Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard| |obs:running:7217:moderate -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1056450 http://bugzilla.suse.com/show_bug.cgi?id=1056450#c3 Marcus Meissner <meissner@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|VUL-0: libidn2: integer |VUL-0: CVE-2017-14062: |overflow in |libidn2: integer overflow |puny_decode.c/decode_digit( |in |) |puny_decode.c/decode_digit( | |) Alias| |CVE-2017-14062 --- Comment #3 from Marcus Meissner <meissner@suse.com> --- CVE-2017-14062 -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com