UbuntuUpdates.org

Package "uriparser"

Name: uriparser

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • development files for uriparser
  • documentation files for uriparser
  • URI parsing library compliant with RFC 3986
Latest version: 0.8.4-1+deb9u2ubuntu0.1
Release: bionic (18.04)
Level: security
Repository: universe

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "uriparser" in Bionic

Repository Area Version
base universe 0.8.4-1
updates universe 0.8.4-1+deb9u2ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 0.8.4-1+deb9u2ubuntu0.1 2022-07-13 08:06:16 UTC

  uriparser (0.8.4-1+deb9u2ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Use after free
    - debian/patches/CVE-2021-46141_46142.patch: Fix .hostText copying in
      uriMakeOwnerEngine.
    - CVE-2021-46141
    - CVE-2021-46142
  * Additional fixes:
    - debian/patches/implement_new_public_urlMakeOwner.patch: UriNormalize.c:
      Implement new public uriMakeOwner*
    - debian/patches/rename_internal_uriMakeOwner.patch: UriNormalize.c:
      Rename internal uriMakeOwner to uriMakeOwnerEngine
    - debian/patches/test_cover_new_uriMakeOwner.patch: test.cpp: Cover
      new uriMakeOwner*

 -- David Fernandez Gonzalez <email address hidden> Tue, 12 Jul 2022 15:52:39 +0200
Source diff to previous version
CVE-2021-46141 An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner.
CVE-2021-46142 An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax.

Version: 0.8.4-1+deb9u2build0.18.04.1 2021-12-06 15:07:18 UTC

  uriparser (0.8.4-1+deb9u2build0.18.04.1) bionic-security; urgency=medium

  * fake sync from Debian


About   -   Send Feedback to @ubuntu_updates