1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5063-1] uriparser security update

    From Salvatore Bonaccorso@21:1/5 to All on Wed Jan 26 21:00:01 2022
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5063-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso January 26, 2022 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : uriparser
    CVE ID : CVE-2021-46141 CVE-2021-46142

    Two vulnerabilities were discovered in uriparser, a library that parses
    Uniform Resource Identifiers (URIs), which may result in denial of
    service or potentially in the the execution of arbitrary code.

    For the oldstable distribution (buster), these problems have been fixed
    in version 0.9.1-1+deb10u1.

    For the stable distribution (bullseye), these problems have been fixed in version 0.9.4+dfsg-1+deb11u1.

    We recommend that you upgrade your uriparser packages.

    For the detailed security status of uriparser please refer to its
    security tracker page at:
    https://security-tracker.debian.org/tracker/uriparser

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmHxpfRfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0SO6w//Sczq6tmtTS6n2CZBBlwi4LJhBmQT2EvqYO1++pJuIHcoQSbTpBAAUXiV fkpvX2XY/Ib53tHe3OpLcjjDokCQPTVRaZ4gHDn1t+UmgWPWZpcM86eoTpfGOhSu gzsOP/Bnc56oFh4B/CpPWDj6qbDEFzgQvbxDdP+Ib7aKghvwQrYv3fiCj972+Sn8 /aBYNnyNDNW74shyUOXK4RysI14PdKkgPgiwakZSFDP/DxOf5n009SpJjFVuVooY FkgmG5yFCuFryA4F0c7zfTGXa40WrBJljSQB8BH9NQygtzR6TA3Qdpk1Jt2wZ8y7 D7Nt9713pwjcI2lo5LGmGrV3wrqwN6PEqFuG9yt5wefo8LNb3VOafYFO+m7YWjEl LjGkqDAGl33vq2S2ViMKCfpcSN3DgNL3JRGDVHTOruq7/iOVtuwomKwjKJPR/P6j 0Fjh3WlQLv6Xh1KdNn8eQGrwq04oPlfttD4SCVQx0OYtSA5Y437AvrGXn/ayGI8q VFDd1Q/APP4brnPzoGQ6VBoYIPwNMk3J9Y7cJbBlqzDXORZwP1HmDrtIFjdEZbMe utQ366atPq9Tck5/DoQi6D0pTmwgaDKgOUqSqQmGUS/D0dDO3ut47JwMD0Ve6FEj wYShpzIEpRCspAyxSAfJZL46n49GkP/jnYonB/i7CIqMam1uPD0=
    =H/LD
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)