Overview

File _patchinfo of Package patchinfo.6211

<patchinfo incident="6211">
  <issue id="1018756" tracker="bnc">VUL-0: CVE-2017-5208,CVE-2017-5331,CVE-2017-5332,CVE-2017-5333: icoutils: exploitable crash in wrestool programm</issue>
  <issue id="2017-5208" tracker="cve" />
  <issue id="2017-5333" tracker="cve" />
  <issue id="2017-5332" tracker="cve" />
  <issue id="2017-5331" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>Lazy_Kent</packager>
  <description>
This update for icoutils to version 0.31.1 fixes the following issues:

- CVE-2017-5208: An integer overflow allows maliciously crafted files to cause DoS or code execution (boo#1018756).
- CVE-2017-5331: Incorrect out of bounds checks in check_offset allow for DoS or code execution (boo#1018756).
- CVE-2017-5332: Missing out of bounds checks in extract_group_icon_cursor_resource allow for DoS or code execution (boo#1018756).
- CVE-2017-5333: Incorrect out of bounds checks in check_offset allow for DoS or code execution (boo#1018756).
</description>
  <summary>Security update for icoutils</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places