[ubuntu/focal-security] adsys 0.9.2~20.04.2ubuntu0.1 (Accepted)
Rodrigo Figueiredo Zaiden
rodrigo.zaiden at canonical.com
Thu Jan 9 15:17:31 UTC 2025
adsys (0.9.2~20.04.2ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: Denial of service in parse function.
- Use strings.EqualFold instead of direct comparison and
strings.ToLower in .../html/doctype.go, .../html/foreign.go, and
.../html/parse.go. Based on
https://go.googlesource.com/net/+/8e66b04771e35c4e4125e8c60334b34e2423effb
upstream patch.
- CVE-2024-45338
adsys (0.9.2~20.04.2) focal; urgency=medium
[ Didier Roche ]
[ Matthew Ruffell ]
* Fix processing of domain names to correctly parse '-' characters
when creating valid dbus object paths, enabling domains with
'-' to work, e.g. "test-example.com". (LP: #2020834)
- internal/ad/ad.go
Date: 2025-01-07 18:46:10.530304+00:00
Changed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
Signed-By: Rodrigo Figueiredo Zaiden <rodrigo.zaiden at canonical.com>
https://launchpad.net/ubuntu/+source/adsys/0.9.2~20.04.2ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list