[ubuntu/xenial-updates] icoutils 0.31.0-3ubuntu0.1 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Mon Jan 18 13:28:12 UTC 2021


icoutils (0.31.0-3ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2017-5208.patch: fix check_offset overflow on
      64-bit systems in wrestool/fileread.c.
    - CVE-2017-5208
  * SECURITY UPDATE: Arbitrary code execution and Denial of service
    - debian/patches/CVE-2017-5331.patch: make check_offset more stringent
      in wrestool/fileread.c.
    - CVE-2017-5331
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2017-5332.patch: prevent access to unallocated memory
      in wrestool/extract.c.
    - CVE-2017-5332
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2017-5333.patch: fix an index in wrestool/extract.c.
    - CVE-2017-5333
  * SECURITY UPDATE: Failed memcpy, crash and buffer overflow
    - debian/patches/CVE-2017-6009_CVE-2017-6010_CVE-2017-6011.patch: fix in
      icotool/extract.c, wrestool/restable.c.
    - CVE-2017-6009
    - CVE-2017-6010
    - CVE-2017-6011

Date: 2021-01-14 14:33:08.996467+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/icoutils/0.31.0-3ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Xenial-changes mailing list