UbuntuUpdates.org

Package "liburiparser1"

Name: liburiparser1

Description:

URI parsing library compliant with RFC 3986

Latest version: 0.8.4-1+deb9u2ubuntu0.1
Release: bionic (18.04)
Level: security
Repository: universe
Head package: uriparser
Homepage: http://uriparser.sourceforge.net

Links


Download "liburiparser1"


Other versions of "liburiparser1" in Bionic

Repository Area Version
base universe 0.8.4-1
updates universe 0.8.4-1+deb9u2ubuntu0.1

Changelog

Version: 0.8.4-1+deb9u2ubuntu0.1 2022-07-13 08:06:16 UTC

  uriparser (0.8.4-1+deb9u2ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Use after free
    - debian/patches/CVE-2021-46141_46142.patch: Fix .hostText copying in
      uriMakeOwnerEngine.
    - CVE-2021-46141
    - CVE-2021-46142
  * Additional fixes:
    - debian/patches/implement_new_public_urlMakeOwner.patch: UriNormalize.c:
      Implement new public uriMakeOwner*
    - debian/patches/rename_internal_uriMakeOwner.patch: UriNormalize.c:
      Rename internal uriMakeOwner to uriMakeOwnerEngine
    - debian/patches/test_cover_new_uriMakeOwner.patch: test.cpp: Cover
      new uriMakeOwner*

 -- David Fernandez Gonzalez <email address hidden> Tue, 12 Jul 2022 15:52:39 +0200

Source diff to previous version
CVE-2021-46141 An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner.
CVE-2021-46142 An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax.

Version: 0.8.4-1+deb9u2build0.18.04.1 2021-12-06 15:07:18 UTC

  uriparser (0.8.4-1+deb9u2build0.18.04.1) bionic-security; urgency=medium

  * fake sync from Debian




About   -   Send Feedback to @ubuntu_updates