Bug 1431730 (CVE-2017-6800, CVE-2017-6801, CVE-2017-6802, CVE-2017-9058, CVE-2017-9146)
Summary: | CVE-2017-6800 CVE-2017-6801 CVE-2017-6802 CVE-2017-9058 CVE-2017-9146 ytnef: Multiple vulnerabilities fixed in 1.9.2 version | ||||||
---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Andrej Nemec <anemec> | ||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||
Status: | CLOSED UPSTREAM | QA Contact: | |||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | unspecified | CC: | andreas.bierfert, itamar, ppisar, sheltren | ||||
Target Milestone: | --- | Keywords: | Security | ||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | ytnef 1.9.2 | Doc Type: | If docs needed, set a value | ||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2019-06-08 03:08:58 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | 1422814, 1422815, 1422816, 1422817 | ||||||
Bug Blocks: | |||||||
Attachments: |
|
Description
Andrej Nemec
2017-03-13 16:27:05 UTC
Created libytnef tracking bugs for this issue: Affects: fedora-all [bug 1422817] Affects: epel-all [bug 1422814] Created ytnef tracking bugs for this issue: Affects: fedora-all [bug 1422815] Affects: epel-all [bug 1422816] The correct fix will be to merge ytnef and libytnef into one package (as done upstream with version 1.9. I have prepared a scratch build here. Itamar if you don't mind I will push this to rawhide and deprecate the separate libytnef there and then go to the releases once this got a bit more testing. https://koji.fedoraproject.org/koji/taskinfo?taskID=18454905 Created attachment 1264378 [details]
spec patch
Another CVE was reported in libytnef. CVE-2017-9058 - In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862556 Another CVE was reported in libytnef. CVE-2017-9146 - The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through 1.9.2 does not ensure a nonzero count value before a certain memory allocation, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted tnef file. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862707 This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products. |