logo
DATABASE RESOURCES PRICING ABOUT US

GNU IDN Library 2: Multiple vulnerabilities

Description

### Background GNU IDN Library 2 is an implementation of the IDNA2008 + TR46 specifications (RFC 5890, RFC 5891, RFC 5892, RFC 5893, TR 46). ### Description Multiple vulnerabilities have been discovered in GNU IDN Library 2. Please review the CVE identifiers referenced below for details. ### Impact A remote attacker could send specially crafted input, possibly resulting in execution of arbitrary code with the privileges of the process, impersonation of domains or a Denial of Service condition. ### Workaround There is no known workaround at this time. ### Resolution All GNU IDN Library 2 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/libidn2-2.2.0"


Affected Package


OS OS Version Package Name Package Version
Gentoo any net-dns/libidn2 2.2.0

Related