Mehrere Probleme in icoutils
ID: | FEDORA-2017-7c221d6f49 |
Distribution: | Fedora |
Plattformen: | Fedora 24 |
Datum: | Di, 17. Januar 2017, 23:26 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5333
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5332 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5208 |
Applikationen: | icoutils |
Originalnachricht |
|
Name : icoutils Product : Fedora 24 Version : 0.31.1 Release : 1.fc24 URL : http://www.nongnu.org/icoutils/ Summary : Utility for extracting and converting Microsoft icon and cursor files Description : The icoutils are a set of programs for extracting and converting images in Microsoft Windows icon and cursor files. These files usually have the extension .ico or .cur, but they can also be embedded in executables or libraries. -------------------------------------------------------------------------------- Update Information: This new point release fixes a security vulnerability in wrestool. For further details see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850017 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1411251 - CVE-2017-5208 icoutils: Check_offset overflow on 64-bit systems https://bugzilla.redhat.com/show_bug.cgi?id=1411251 [ 2 ] Bug #1412263 - CVE-2017-5332 icoutils: Access to unallocated memory possible in extract.c https://bugzilla.redhat.com/show_bug.cgi?id=1412263 [ 3 ] Bug #1412259 - CVE-2017-5333 icoutils: Integer overflow vulnerability in extract.c https://bugzilla.redhat.com/show_bug.cgi?id=1412259 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade icoutils' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org |