Univention Bugzilla – Bug 54352
uriparser: Multiple issues (4.4)
Last modified: 2022-01-19 13:44:29 CET
New Debian uriparser 0.8.4-1+deb9u3 fixes: This update addresses the following issues: * Invalid free operations in uriFreeUriMembers and uriMakeOwner (CVE-2021-46141) * Invalid free operations in uriNormalizeSyntax. (CVE-2021-46142)
--- mirror/ftp/4.4/unmaintained/component/4.4-8-errata/source/uriparser_0.8.4-1+deb9u2.dsc +++ apt/ucs_4.4-0-errata4.4-8/source/uriparser_0.8.4-1+deb9u3.dsc @@ -1,3 +1,11 @@ +0.8.4-1+deb9u3 [Mon, 17 Jan 2022 10:24:16 +0000] Chris Lamb <lamby@debian.org>: + + * Non-maintainer upload by the LTS team. + * CVE-2021-46141: Prevent some invalid free operations in the + uriFreeUriMembers and uriMakeOwner functions. + * CVE-2021-46142: Prevent invalid free operations in the + uriNormalizeSyntax function. + 0.8.4-1+deb9u2 [Wed, 01 Dec 2021 00:25:38 +0200] Adrian Bunk <bunk@debian.org>: * Non-maintainer upload by the LTS team. <http://piuparts.knut.univention.de/4.4-8/#2945276262675191090>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.4-8] 6f4fbc0e8c Bug #54352: uriparser 0.8.4-1+deb9u3 doc/errata/staging/uriparser.yaml | 15 +++++++++++++++ 1 file changed, 15 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x1154>