Squid could be made to crash if it received specially crafted network traffic.
Comment
Charles Fol discovered that the iconv() function in the GNU C library is prone to a buffer overflow vulnerability when converting strings to the ISO-2022-CN-EXT character set, which may lead to denial of service (application crash) or the execution of arbitrary code.
Update to idna-3.7.
Security fix for CVE-2023-4692 Security fix for CVE-2023-4693 Fri Apr 12 2024 Nicolas Frayer [email protected] – 2.06-121 fs/xfs: Handle non-continuous data blocks in directory extents Related: #2254370
Update to latest upstream version 1.7.17 (closes rhbz#2255953)