File _patchinfo of Package patchinfo.5502

<patchinfo incident="5502">
<issue id="923241" tracker="bnc">out-of-bounds read with stringprep on invalid UTF-8</issue>
  <issue id="990189" tracker="bnc">out-of-bounds-read when reading one zero byte as input</issue>
  <issue id="990190" tracker="bnc">out-of-bounds stack read in idna_to_ascii_4i</issue>
  <issue id="990191" tracker="bnc">stringprep_utf8_nfkc_normalize reject invalid UTF-8</issue>
  <issue id="2016-6263" tracker="cve" />
  <issue id="2016-6262" tracker="cve" />
  <issue id="2016-6261" tracker="cve" />
  <issue id="2015-2059" tracker="cve" />
  <issue id="2015-8948" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>scarabeus_iv</packager>
  <description>
This update for libidn fixes the following issues:

- CVE-2016-6262 and CVE-2015-8948: Out-of-bounds-read when reading one zero byte as input (bsc#990189)

- CVE-2016-6261: Out-of-bounds stack read in idna_to_ascii_4i (bsc#990190) 

- CVE-2016-6263: stringprep_utf8_nfkc_normalize reject invalid UTF-8 (bsc#990191)

- CVE-2015-2059: out-of-bounds read with stringprep on invalid UTF-8 (bsc#923241) 


This update was imported from the SUSE:SLE-12:Update update project.</description>
  <summary>Security update for libidn</summary>
</patchinfo>
Places

File _patchinfo of Package patchinfo.5502

Places
