UbuntuUpdates.org

Package "libidn"

Name: libidn

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Development files for GNU Libidn, an IDN library
  • Transitional development package for GNU Libidn
  • GNU Libidn library, implementation of IETF IDN specifications

Latest version: 1.38-4ubuntu1.1
Release: jammy (22.04)
Level: security
Repository: main

Links



Other versions of "libidn" in Jammy

Repository Area Version
base main 1.38-4build1
base universe 1.38-4build1
security universe 1.38-4ubuntu1.1
updates main 1.38-4ubuntu1.1
updates universe 1.38-4ubuntu1.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.38-4ubuntu1.1 2026-07-09 15:08:15 UTC

  libidn (1.38-4ubuntu1.1) jammy-security; urgency=medium

  * SECURITY UPDATE: OOB of uninitialized memory
    - debian/patches/CVE-2026-57053.patch: Guard against read-out-bounds on some
      xn-- strings in lib/idna.c.
    - CVE-2026-57053

 -- Marc Deslauriers <email address hidden> Tue, 07 Jul 2026 09:13:37 -0400

CVE-2026-57053 GNU libidn before 1.44 is prone to out-of-bounds reads of uninitialized memory in the ToUnicode APIs because of mishandling in idna_to_unicode_intern



About   -   Send Feedback to @ubuntu_updates