Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

Fedora 34: 2022-00a529a8bf Critical: Uriparser Invalid Free Operations

fedora
Calendar Grey January 15, 2022
Dist Fedora Esm H88
Fedora's latest update for the uriparser package, version 0.9.6, fixes invalid free operations, enhancing security and stability for applications relying on URI parsing
Update to 0.9.6, see https://github.com/uriparser/uriparser/blob/uriparser-0.9.6/ChangeLog for details.

Summary

Uriparser is a strictly RFC 3986 compliant URI parsing library written

in C. uriparser is cross-platform, fast, supports Unicode and is

licensed under the New BSD license.

Update to 0.9.6, see

https://github.com/uriparser/uriparser/blob/uriparser-0.9.6/ChangeLog for

details.

* Fri Jan 7 2022 Sandro Mani - 0.9.6-1

- Update to 0.9.6

* Fri Jul 23 2021 Fedora Release Engineering - 0.9.5-2

- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild

* Wed Mar 24 2021 Sandro Mani - 0.9.5-1

- Update to 0.9.5

[ 1 ] Bug #2037917 - CVE-2021-46141 uriparser: Invalid free operations in uriFreeUriMembers and uriMakeOwner [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2037917

[ 2 ] Bug #2037918 - CVE-2021-46141 mingw-uriparser: uriparser: Invalid free operations in uriFreeUriMembers and uriMakeOwner [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2037918

[ 3 ] Bug #2037922 - CVE-2021-46142 uriparser: Invalid free operations in uriNormalizeSyntax. [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2037922

[ 4 ] Bug #2037923 - CVE-2021-46142 mingw-uriparser: uriparser: Invalid free operations in uriNormalizeSyntax. [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2037923

su -c 'dnf upgrade --advisory FEDORA-2022-00a529a8bf' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Topics%20covered

Topics Covered

security advisory Fedora uriparser Update Notification C critical free operations

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 34
Version: 0.9.6
Release: 1.fc34
URL: https://uriparser.github.io/
Summary: URI parsing library - RFC 3986

Topics%20covered

Topics Covered

security advisory Fedora uriparser Update Notification C critical free operations

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here