[Whonix-devel] curl security issue? - [SECURITY NOTICE] libidn with bad UTF8 input
francois at avalenn.eu
francois at avalenn.eu
Thu Jul 2 14:03:12 CEST 2015
On Wed, Jul 01, 2015 at 08:21:17PM +0000, Patrick Schleizer wrote:
> Are you aware of this already?
>
> [SECURITY NOTICE] libidn with bad UTF8 input
>
> http://curl.haxx.se/mail/lib-2015-06/0143.html
Out of curiosity, is it related to
https://security-tracker.debian.org/tracker/CVE-2015-2059 ?
I find the answer to this ticket a bit concise. Indeed it can be
considered as a non-important vulnerability on libidn but it seems to
me that it can trigger several more important in reverse-depends (as
it seems to be the case for curl).
François.
More information about the Whonix-devel
mailing list