FEDORA-EPEL-2019-821ac0b641 created by robert a year ago for Fedora EPEL 7
stable

Libidn 2.2.0 (released 2019-05-23)

  • Perform A-Label roundtrip for lookup functions by default
  • Stricter check of input to punycode decoder
  • Fix punycode decoding with no ASCII chars but given delimiter
  • Fix idn2 --no-tr64 (was a no-op)
  • Allow _ as a basic code point in domain labels
  • Fail building documentation if ronn isn't installed
  • git tag changed to reflect https://semver.org/

Libidn 2.1.1 (released 2019-02-08)

  • Revert SONAME bump from release 2.1.0
  • Fix NULL dereference in idn2_register_u8() and idn2_register_ul()
  • Fix free of random value in idn2_to_ascii_4i()
  • Improved fuzzer (which found the above issues)
  • Fix printf() crash in test-lookup.c on Solaris
  • Check for valid unicode input in punycode encoder
  • Avoid excessive CPU usage in punycode encoding with large inputs
  • Deprecate idn2_to_ascii_4i() in favor of idn2_to_ascii_4i2()
  • Restrict output length of idn2_to_ascii_4i() to 63 bytes

Libidn 2.1.0 (released 2019-01-04)

  • Two exposed functions are no longer exposed: _idn2_punycode_encode() and _idn2_punycode_decode() which were meant to be used internally only. The output needs additional checks to be used safely. This is the reason to for the SONAME bump, just in case.
  • Fix label length check for idn2_register_u8()
  • Remove compiler warnings
  • Use gnulib-python tool for bootstrapping if possible
  • Improve build system (several small issues)
  • Add missing error messages to idn2_strerror_name()
  • Improve docs and remove typos
  • Update gnulib

This update has been submitted for testing by robert.

a year ago

This update's test gating status has been changed to 'waiting'.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

This update has been pushed to testing.

a year ago

This update can be pushed to stable now if the maintainer wishes

a year ago

This update has been submitted for stable by bodhi.

a year ago

This update has been pushed to stable.

a year ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
a year ago
in testing
a year ago
in stable
a year ago
BZ#1764780 CVE-2019-18224 libidn2: heap-based buffer overflow in idn2_to_ascii_4i in lib/lookup.c
0
0
BZ#1764784 CVE-2019-18224 mingw-libidn2: libidn2: heap-based buffer overflow in idn2_to_ascii_4i in lib/lookup.c [epel-7]
0
0

Automated Test Results