Mehrere Probleme in icoutils
ID: | FEDORA-2017-e8460ebed6 |
Distribution: | Fedora |
Plattformen: | Fedora 24 |
Datum: | Do, 16. März 2017, 23:04 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6011
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6010 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6009 |
Applikationen: | icoutils |
Originalnachricht |
|
Name : icoutils Product : Fedora 24 Version : 0.31.2 Release : 1.fc24 URL : http://www.nongnu.org/icoutils/ Summary : Utility for extracting and converting Microsoft icon and cursor files Description : The icoutils are a set of programs for extracting and converting images in Microsoft Windows icon and cursor files. These files usually have the extension .ico or .cur, but they can also be embedded in executables or libraries. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-6009, CVE-2017-6010, CVE-2017-6011. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1422908 - CVE-2017-6011 icoutils: Buffer overflow in the simple_vec function https://bugzilla.redhat.com/show_bug.cgi?id=1422908 [ 2 ] Bug #1422907 - CVE-2017-6010 icoutils: Buffer overflow in the extract_icons function https://bugzilla.redhat.com/show_bug.cgi?id=1422907 [ 3 ] Bug #1422906 - CVE-2017-6009 icoutils: Buffer overflow in the decode_ne_resource_id function https://bugzilla.redhat.com/show_bug.cgi?id=1422906 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade icoutils' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org |