An uriparser security update has been released for Debian GNU/Linux 8 Extended LTS to address two invalid free issues.

ELA-541-1 uriparser security update

Package uriparser
Version 0.8.0.1-2+deb8u3
Related CVEs CVE-2021-46141 CVE-2021-46142

It was discovered that there were two “invalid free” issues in uriparser, a C library for parsing URLs according to RFC 3986.

For Debian 8 Jessie, these problems have been fixed in version 0.8.0.1-2+deb8u3.

We recommend that you upgrade your uriparser packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/

  ELA-541-1 uriparser security update