Univention Bugzilla – Bug 54177
uriparser: Multiple issues (4.4)
Last modified: 2021-12-01 16:07:25 CET
New Debian uriparser 0.8.4-1+deb9u2 fixes: This update addresses the following issue: * Out-of-bounds read in uriParse*Ex* (CVE-2018-20721)
--- mirror/ftp/4.4/unmaintained/4.4-0/source/uriparser_0.8.4-1+deb9u1.dsc +++ apt/ucs_4.4-0-errata4.4-8/source/uriparser_0.8.4-1+deb9u2.dsc @@ -1,3 +1,9 @@ +0.8.4-1+deb9u2 [Wed, 01 Dec 2021 00:25:38 +0200] Adrian Bunk <bunk@debian.org>: + + * Non-maintainer upload by the LTS team. + * CVE-2018-20721: Out-of-bounds read for an incomplete URI with + an IPv6 address containing an embedded IPv4 address. + 0.8.4-1+deb9u1 [Fri, 16 Nov 2018 09:43:24 +0100] Jörg Frings-Fürst <debian@jff.email>: * Fix multiple CVEs (Closes: #913817): <http://piuparts.knut.univention.de/4.4-8/#2945276262674108565>
OK: yaml OK: announce_errata OK: patch OK: piuparts
<https://errata.software-univention.de/#/?erratum=4.4x1118>