An uriparser security update has been released for Debian GNU/Linux 8 Extended LTS to address two invalid free issues.
ELA-541-1 uriparser security update
Package uriparser
ELA-541-1 uriparser security update
Version 0.8.0.1-2+deb8u3
Related CVEs CVE-2021-46141 CVE-2021-46142
It was discovered that there were two “invalid free” issues in uriparser, a C library for parsing URLs according to RFC 3986.
For Debian 8 Jessie, these problems have been fixed in version 0.8.0.1-2+deb8u3.
We recommend that you upgrade your uriparser packages.
Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/