Security update for libidn
This update for libidn fixes the following issues:
- CVE-2016-6262 and CVE-2015-8948: Out-of-bounds-read when reading one zero byte as input (bsc#990189)
- CVE-2016-6261: Out-of-bounds stack read in idna_to_ascii_4i (bsc#990190)
- CVE-2016-6263: stringprep_utf8_nfkc_normalize reject invalid UTF-8 (bsc#990191)
- CVE-2015-2059: out-of-bounds read with stringprep on invalid UTF-8 (bsc#923241)
This update was imported from the SUSE:SLE-12:Update update project.
-
Submitted by
Tomáš Chvátal (scarabeus_iv)
Fixed bugs
bnc#923241
out-of-bounds read with stringprep on invalid UTF-8
bnc#990189
out-of-bounds-read when reading one zero byte as input
bnc#990190
out-of-bounds stack read in idna_to_ascii_4i
bnc#990191
stringprep_utf8_nfkc_normalize reject invalid UTF-8
